[offtopic] OpenGPG Smartcard with keylength >1024

Alexander W. Janssen alexander.janssen at gmail.com
Mon Dec 10 18:13:00 CET 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I know this is offtopic, but I ask nonetheless, maybe someone has an idea.

The BSI recently announced that it finds RSA/1024 bits not to be
considered secure enough from the 1st of January on[1].

Now I have this really cool RSA-Smartcard (based on G10's code, fab'ed
by ppc-systems) which does 1024 bits and I'm wondering if anyone knows a
source who sells cards with, let's say, 2048 bits. PPC-Systems don't.

- From what I heard, technically it's no problem to have card with bigger
keylengths, although it might become slow - otoh they're probably more
expensive.

Not that I think I should abolish everything just because they say so,
but it's worth a consideration anyway if you want to deploy a whole new PKI.

Thanks,
Alex.

[1] http://www.bsi.de/esig/dokumente/krypto/BSI_Final_07.pdf - page 4,
table "minimum keylenghts"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQCVAwUBR11zmhYlVVSQ3uFxAQIHfAP9Hx6TTKdaGj2OJnutpUX+zPr1gw7i6Qww
zyedYkvE+34M8UB+YwkYtPri7IgQRsyfF/AX3y5rn/7/7mDgTJTp0wI2ldJ06WUk
VRSEDBh+OSxsJ9+25Y4raUuHqxBjPHvKGdRD6ZSn13PhbbCJrwI8r+sqFLeEs50j
GVKXvA7nCi0=
=BJOi
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list