How secure is GnuPG

Daniel Carrera
Tue Jul 23 21:29:01 2002

Thanks for the help.  I have a few more questions.

> In any event, it is perfectly reasonable to make 2048 bit (or larger)
> RSA keys if you prefer.

Is there any drawback to using a 2048 bit key?  I know that it'll take
longer to make the key the first time, but I don't care.  That's a
one-time thing.

I figure that there must be some sort of tradeoff other than the original
key generation.  Otherwise everyone would be using a 4096 bit key.

> It means you need to upgrade :)  GnuPG 1.0.7 includes RSA key generation.

Is it actually important to upgrade?
Is it difficult to upgrade?  I mean, will my current public and private
key rings still work?  Will they have to be "translated" to RSA?

> > Am I safe with my 1024 bit ElGamal key?
> Depends who your attacker is.  Unless you're concerned about a large
> government, then probably it is.

Well, if there is no loss, I can just be a little paranoid and go for an
unbreakable key.

I kind of like the idea of having a key that is beyond human technology to
break.  Would a 2048 bit key be beyond our technology to factor?

Also, how complex should my passphrase be?
I chose my passphrase so that guessing it would be roughly equal to
guessing a 128-bit key.  I figure that anymore would be overkill because
it'd be easier to crack the 128-bit key, and any less would compromise the
security of the 128-bit key.
Am I right?

Thanks for all the help, I do appreciate it.