Multiple encryption subkeys
Adrian 'Dagurashibanipal' von Bidder
avbidder@fortytwo.ch
Wed Apr 30 09:14:02 2003
--Boundary-02=_eg3r+hrN7nG1yOx
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline
On Wednesday 30 April 2003 01:24, Johan Wevers wrote:
> Adrian 'Dagurashibanipal' von Bidder wrote:
> >I guess the idea is not bad. However, you'd have to match the strength of
> >the public key encryption to the strength of the underlying block cipher=
-
> > I don't have data on this, but I when you use a 128bit block cipher with
> > a 2048 public key, the block cipher is much easier to break, so with
> > going to 4096bit public key you don't gain anything.
>
> Not really. You need to know that symmetric-key ciphers are usually much
> stronger than public-key ciphers with the same keylength.=20
Yes, that's clear (it's even obvious, to me).
> A 128 bit RSA
> or DH key can be brute-forced easily. Elliptic curves seem to do better
> with short keylengths but they are at this moment much less studied than
> RSA or DH.
>
> 128 bit symmetric is roughly comparable to a 2048 bit RSA or DH key.
I just wasn't sure where this point of (rough) comparability is. But still:=
if=20
128 bit is comparable to a 2048 RSA key, you don't gain much going to a 409=
6=20
bit RSA key.
cheers
=2D- vbi
=2D-=20
featured link: http://fortytwo.ch/gpg/subkeys
--Boundary-02=_eg3r+hrN7nG1yOx
Content-Type: application/pgp-signature
Content-Description: signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iKcEABECAGcFAj6veB5gGmh0dHA6Ly9mb3J0eXR3by5jaC9sZWdhbC9ncGcvZW1h
aWwuMjAwMjA4MjI/dmVyc2lvbj0xLjMmbWQ1c3VtPTE0Y2E2MTZmMTQ2ODJhODJj
YjljYzI1YzliMzRhMTBkAAoJEIukMYvlp/fWNjwAn2dmER7W9D0bwx9bjB0nhwsZ
4TQLAKC/a99m5nyQl+ke99NdYLqgMwdotQ==
=I/0/
-----END PGP SIGNATURE-----
Signature policy: http://fortytwo.ch/legal/gpg/email.20020822?version=1.3&md5sum=14ca616f14682a82cb9cc25c9b34a10d
--Boundary-02=_eg3r+hrN7nG1yOx--