RSA 1024 ridiculous /8192 is sublime

Newton Hammet newton at hammet.net
Sun Jun 17 19:41:16 CEST 2007


gnupg as distributed may not be generating larger than 4096 bit keys
but it is easy enough to (or was in the past) to modify the source code
in I think one place and change it to whatever you want.

In my case I was able to successfully generate a 8192-bit RSA key
and tested it with encryption, decryption, signing, etc. and it
worked.

My Hard drive, like my closet and garage, however is resisting
my attempts to figure out where I put this particular piece of
enterprise. (I think it was back in 2003 +/-).

I will keep looking for it.

-Newgon

On Sun, 2007-06-17 at 12:58 -0400, David Shaw wrote:
> On Sun, Jun 17, 2007 at 11:14:35AM +0200, Crest wrote:
> > Am 16.06.2007 um 17:05 schrieb Brian Smith:
> > 
> > > IF you have a life-long digital secret that you want to protect from
> > > people with hundreds of millions of dollars to spend, and you  
> > > insist on
> > > using RSA public key encryption to protect it during transit over the
> > > internet, then you need to use RSA 15,360 (not a typo) + AES 256 +  
> > > hope.
> > > But, I think RSA 3072 + AES 128 should be good enough to get you a
> > > waterboarding ticket; even RSA 1024 + 3DES would result in spyware  
> > > or a
> > > key logger on your client machine to prevent them from having to  
> > > fill up
> > > the bucket.
> > 
> > Does GnuPG support RSA keys longer than 4096 bits? I saw a modified  
> > old PGPi version doing so but ist took half a minute to sign a short  
> > message off less than one 1kb on a pentium1 based laptop...
> 
> GnuPG supports RSA keys much larger than 4096 bits.   It does not,
> however, currently allow generation of such keys, so the keys must
> come from elsewhere.
> 
> > Isn't it more usefull to switch to ECC instead of using that large keys?
> 
> For many cases, yes.  However, ECC is not yet defined for OpenPGP.
> Until that happens, there won't be official support for it in GnuPG.
> Note, though, there is a ECC version of GnuPG out there if you want to
> try it.
> 
> David
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
-- 
Public Key: 4096R/136FC036 2004-02-09 Newton Hammet <newton at hammet.net>
Key fingerprint = 785F DFF3 7029 3FBD 45CE 747C 93CA E808 136F C036
Key servers: pgp.mit.edu, others...





More information about the Gnupg-users mailing list