RSA 1024 ridiculous
wk at gnupg.org
Sun Jun 17 22:40:17 CEST 2007
On Sun, 17 Jun 2007 20:02, bahamut at digital-signal.net said:
> Try signing/encrypting files that are tens, hundreds, or thousands of
> megabytes in size. Sure, your average machine can sign/encrypt
> messages that don't even fill a cluster without breaking a sweat, but
> if the sensitive data is large, RSA-4096 isn't a good choice unless a
> gov't agency wants that data.
Although I agree that 4096 bit RSA is far too paranoid, the size of a
file to encrypt is independent of the public key size. The bulk of the
file is encrypted using a symmetric cipher, i.e AES 128 or 256. SHA-256
is not used at all for encryption - only SHA-1 for a special kind of
checksum (a MIC).
More information about the Gnupg-users