increase the default RSA key size to 3072 bits

Daniel Kahn Gillmor dkg at fifthhorseman.net
Fri Apr 19 15:50:13 CEST 2019


On Thu 2019-04-18 09:21:48 +0200, ilf wrote:
> OpenSSH 8.0 was released yesterday, one change being:
>
>> * ssh-keygen(1): Increase the default RSA key size to 3072 bits,
>>   following NIST Special Publication 800-57's guidance for a
>>   128-bit equivalent symmetric security level.
>
> This points to 
> https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf#page=66
>
> GnuPG 2.2.15 still has RSA 2048 as default, although Debian (and 
> Debian-based distros) ship with 3072 as default.
>
> I would be in favor of following OpenSSH and increasing the default RSA 
> key size to 3072 bits.

GnuPG master already defaults RSA keys to 3072 bits, and debian has been
shipping this as the default in unstable since September 2017 (version
2.2.0-2), and in stable itself since October 2018 (version
2.1.18-8~deb9u3).  I've heard no complaints about it.

the modern version of gpgsm has shipped upstream with 3072-bit RSA
defaults since 2.2.14 (2019-03-19).

So the only holdout at 2048-bit RSA is the modern version of gpg
upstream.

I agree that it makes sense to do this on the 2.2 branch.

  --dkg
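An added example for the thread above, not code from the post or from GnuPG/OpenSSH: a small audit script that flags RSA keys below the 3072-bit default in existing key listings. It assumes the colon-separated output of `gpg --with-colons --list-keys` (field 1 record type, field 3 bits, field 4 algorithm where 1 = RSA, field 5 key ID) and the `<bits> <fingerprint> <comment> (<type>)` lines of `ssh-keygen -l`; the listings embedded here are constructed, not real keys.

```shell
#!/bin/sh
# Flag RSA keys whose modulus is shorter than a minimum size.

# GnuPG: read "gpg --with-colons --list-keys" output on stdin, print
# "<record> <keyid> <bits>" for every RSA primary key or subkey below $1 bits.
weak_gpg_rsa_keys() {
    awk -F: -v min="$1" '
        ($1 == "pub" || $1 == "sub") && $4 == 1 && $3 + 0 < min {
            print $1, $5, $3
        }'
}

# OpenSSH: read "ssh-keygen -l -f <key>" lines on stdin, print
# "<bits> <fingerprint>" for every RSA key below $1 bits.
weak_ssh_rsa_keys() {
    awk -v min="$1" '$NF == "(RSA)" && $1 + 0 < min { print $1, $2 }'
}

# Constructed sample listings (placeholder key IDs and fingerprints):
# a 2048-bit RSA primary with a 2048-bit RSA subkey, a 3072-bit RSA key,
# and an Ed25519 key (algorithm 22), which is not RSA and must be skipped.
GPG_SAMPLE='pub:u:2048:1:0000000000000001:1497000000:::u:::scESC::::::23::0:
sub:u:2048:1:0000000000000002:1497000000::::::e::::::23:
pub:u:3072:1:0000000000000003:1555000000:::u:::scESC::::::23::0:
pub:u:255:22:0000000000000004:1555000000:::u:::scESC::::::23::0:'

SSH_SAMPLE='2048 SHA256:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA user@host (RSA)
3072 SHA256:BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB user@host (RSA)
256 SHA256:CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC user@host (ED25519)'

# Count of flagged GnuPG keys in the sample for a given minimum size.
count_weak_gpg() {
    printf '%s\n' "$GPG_SAMPLE" | weak_gpg_rsa_keys "$1" | wc -l | tr -d ' '
}

# Count of flagged OpenSSH keys in the sample for a given minimum size.
count_weak_ssh() {
    printf '%s\n' "$SSH_SAMPLE" | weak_ssh_rsa_keys "$1" | wc -l | tr -d ' '
}
```

Against a live keyring, pipe `gpg --with-colons --list-keys` or `ssh-keygen -l -f ~/.ssh/id_rsa.pub` into the corresponding function with 3072 as the threshold.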