RSA 1024 ridiculous

David Shaw dshaw at
Sun Jun 17 18:58:35 CEST 2007

On Sun, Jun 17, 2007 at 11:14:35AM +0200, Crest wrote:
> Am 16.06.2007 um 17:05 schrieb Brian Smith:
> > IF you have a life-long digital secret that you want to protect from
> > people with hundreds of millions of dollars to spend, and you  
> > insist on
> > using RSA public key encryption to protect it during transit over the
> > internet, then you need to use RSA 15,360 (not a typo) + AES 256 +  
> > hope.
> > But, I think RSA 3072 + AES 128 should be good enough to get you a
> > waterboarding ticket; even RSA 1024 + 3DES would result in spyware  
> > or a
> > key logger on your client machine to prevent them from having to  
> > fill up
> > the bucket.
> Does GnuPG support RSA keys longer than 4096 bits? I saw a modified  
> old PGPi version doing so but ist took half a minute to sign a short  
> message off less than one 1kb on a pentium1 based laptop...

GnuPG supports RSA keys much larger than 4096 bits.   It does not,
however, currently allow generation of such keys, so the keys must
come from elsewhere.

> Isn't it more usefull to switch to ECC instead of using that large keys?

For many cases, yes.  However, ECC is not yet defined for OpenPGP.
Until that happens, there won't be official support for it in GnuPG.
Note, though, there is a ECC version of GnuPG out there if you want to
try it.


More information about the Gnupg-users mailing list