Multiple encryption subkeys
Adrian 'Dagurashibanipal' von Bidder
Wed Apr 30 09:14:02 2003
Content-Description: signed data
On Wednesday 30 April 2003 01:24, Johan Wevers wrote:
> Adrian 'Dagurashibanipal' von Bidder wrote:
> >I guess the idea is not bad. However, you'd have to match the strength of
> >the public key encryption to the strength of the underlying block cipher=
> > I don't have data on this, but I when you use a 128bit block cipher with
> > a 2048 public key, the block cipher is much easier to break, so with
> > going to 4096bit public key you don't gain anything.
> Not really. You need to know that symmetric-key ciphers are usually much
> stronger than public-key ciphers with the same keylength.=20
Yes, that's clear (it's even obvious, to me).
> A 128 bit RSA
> or DH key can be brute-forced easily. Elliptic curves seem to do better
> with short keylengths but they are at this moment much less studied than
> RSA or DH.
> 128 bit symmetric is roughly comparable to a 2048 bit RSA or DH key.
I just wasn't sure where this point of (rough) comparability is. But still:=
128 bit is comparable to a 2048 RSA key, you don't gain much going to a 409=
bit RSA key.
featured link: http://fortytwo.ch/gpg/subkeys
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----
Signature policy: http://fortytwo.ch/legal/gpg/email.20020822?version=1.3&md5sum=14ca616f14682a82cb9cc25c9b34a10d