Multiple encryption subkeys

Adrian 'Dagurashibanipal' von Bidder
Tue Apr 29 21:10:02 2003

Content-Type: text/plain;
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline

On Tuesday 29 April 2003 19:15, Dennis Lambe Jr. wrote:

[multiple subkeys with various strengths]

> 1) Is this a worthwhile endeavor, cryptographically speaking?  That is
> to say, am I justified in wanting to do this, or is there something I've
> overlooked that makes this a bad or useless application of subkeys?

I guess the idea is not bad. However, you'd have to match the strength of t=
public key encryption to the strength of the underlying block cipher - I=20
don't have data on this, but I when you use a 128bit block cipher with a 20=
public key, the block cipher is much easier to break, so with going to=20
4096bit public key you don't gain anything.

If you want to do this really seriously, you'll need to read up on the curr=
best known attacks on the various block ciphers and the public key algorith=
and make sure that you really gain security by using a stronger public key.

> 4) A lot of messages I read from 2002 and earlier this year suggest that
> many keyservers are still having difficulty with multiple subkeys.  Is
> this still the case, or have there been recent positive developments in
> that area?  What's the official gnupg-users party line on the use of
> keyservers with multiple subkeys?  Is it still "use and pray"?

Yes, this still is mostly the case. One or two of the pksd keyservers and t=
keyservers running sks don't have the subkey problem, and gnupg 1.2.1 has=20
logic to recover as far as possible when it receives a broken key. Problem=
with the pksd keyservers is that Jason Harris still thinks that his patch i=
not as perfect as it should be and therefore has not released it yet.

=2D- vbi

OpenPGP encrypted mail welcome - my key:

Content-Type: application/pgp-signature
Content-Description: signature

Version: GnuPG v1.2.1 (GNU/Linux)

Signature policy: