some more doubts

Johan Wevers johanw@vulcan.xs4all.nl
Sat May 25 08:53:02 2002


Aditya wrote:

> there are several versions of  gpg / pgp avilabe on the net for download for
> presonal use

>From gpg there is only one version, it doesn't make any distinction between
personal and other use.

> 1. which one is the best for personal use

That depends on your requirements. If you're comfortable with commandline
programs, I'd use gpg because it's still actively developed

> 2. is the 8192 bit rsa key more secure

Depends on the symmetric cipher used: if you use a 128 bit symmetric cipher
this becomes the weakest link. Anyway, brute-forcing a 4096 or 2048 bit RSA
key is still something that even the NSA can't do.

> that the rest and is it compatable with others ?

No. However, if you generate a RSA key with gpg it will be a v4 RSA key,
which are actually 2 keys, one for signing and one for encryption. This
is incompatible with pgp 2.x. If you want to remain compatible with
2.x users you need a <= 2048 bit RSA v3 key. If only GnuPG compatibility
counts a <= 4096 RSA v3 or v4 key will do, or a <= 4096 DH/DSS key.

-- 
ir. J.C.A. Wevers         //  Physics and science fiction site:
johanw@vulcan.xs4all.nl   //  http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html