GPG and 1024-bit (or multiple) subkeys

Alphax alphasigmax at
Wed Aug 16 11:23:33 CEST 2006

Werner Koch wrote:
> On Tue, 15 Aug 2006 21:09, Johan Wevers said:
>> keys larger than 2048 bits but hacked versions exist that ganerate 16k
>> keys). Is there such a limitation in gpg, or can I happily use a 128k
>> RSA or El Gamal key with no other problems than them being very slow?
> The only limitations I am aware of are the amount of random you may
> get by one call and that the key as well as intermediate results need
> to fit into the allocated secure memory.

I can verify this; the key generation size limit is currently set to
4096 bits, but can be increased to 8192 bits without too many problems.
Someone reported that they were able to generate keys of 11296 bits
(they are painfully slow to use), but for much more than that you get
errors like

|gpg: out of secure memory while allocating 5108 bytes
|gpg: (this may be caused by too many secret keys used simultaneously
|or due to excessive large key sizes)

Now, although it can't generate keys that big, GPG can *use* a key of
16384 bits (presumably generated with one of Disastry's PGP 2.6.3
builds); again, operations involving such keys are painfully slow and
not worth the effort.

        Death to all fanatics!
  Down with categorical imperative!
OpenPGP key:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 569 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20060816/7bfa9ca2/signature.pgp

More information about the Gnupg-users mailing list