How secure is GnuPG

Werner Koch wk@gnupg.org
Tue Jul 23 22:07:02 2002


On Tue, 23 Jul 2002 15:30:23 -0400 (EDT), Daniel Carrera said:

> Is there any drawback to using a 2048 bit key?  I know that it'll take
> longer to make the key the first time, but I don't care.  That's a
> one-time thing.

All operations are slower of course.

> Is it actually important to upgrade?

If you just started with GnuPG, upgrade.

> Is it difficult to upgrade?  I mean, will my current public and private
> key rings still work?  Will they have to be "translated" to RSA?

You can still use your old keyrings.  Keys can't be translated to RSA
but DSA/ElGamal are just as fine as RSA.

> I kind of like the idea of having a key that is beyond human technology to
> break.  Would a 2048 bit key be beyond our technology to factor?

From what we know even 1024 bit are not factorable.  And attacks on
your privacy won't be done by factoring keys but by silently breaking
into your computer and sniffing whatever you want to keep confidential.
All parts of a computer system are vulnerable, the maths of RSA
etc. are probably the strongest components.

> Also, how complex should my passphrase be?
> I chose my passphrase so that guessing it would be roughly equal to
> guessing a 128-bit key.  I figure that anymore would be overkill because
> it'd be easier to crack the 128-bit key, and any less would compromise the
> security of the 128-bit key.

Remembering such a passphrase is for most human beings impossible and
it is quite some work to type it in.  Note that the passphrase only
protects the secret key in case it has been compromised; with "modern"
worm technologies you have simple ways to snoop on the keyboard anyway.


Salam-Shalom,

   Werner