increase the default RSA key size to 3072 bits
ilf
ilf at zeromail.org
Thu Apr 18 09:21:48 CEST 2019
OpenSSH 8.0 was released yesterday, one change being:
> * ssh-keygen(1): Increase the default RSA key size to 3072 bits,
> following NIST Special Publication 800-57's guidance for a
> 128-bit equivalent symmetric security level.
This points to
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf#page=66
GnuPG 2.2.15 still has RSA 2048 as default, although Debian (and
Debian-based distros) ship with 3072 as default.
I would be in favor of following OpenSSH and increasing the default RSA
key size to 3072 bits.
--
ilf
If you upload your address book to "the cloud", I don't want to be in it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20190418/ed57ca17/attachment.sig>
More information about the Gnupg-devel
mailing list