RSA 1024 ridiculous

Atom Smasher atom at
Mon Jun 18 06:04:11 CEST 2007

On Sun, 17 Jun 2007, Andrew Berg wrote:

> Try signing/encrypting files that are tens, hundreds, or thousands of 
> megabytes in size. Sure, your average machine can sign/encrypt messages 
> that don't even fill a cluster without breaking a sweat, but if the 
> sensitive data is large, RSA-4096 isn't a good choice unless a gov't 
> agency wants that data.

regardless of the size of the message... if it's being signed/verified 
then you're signing/verifying a hash. if it's being de/encrypted you're 
de/encrypting a session key.

for all practical purposes the overhead of using larger keys and hashes 
doesn't get worse with larger messages.


  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808

 	"Your password must be at least 18770 characters and
 	 cannot repeat any of your previous 30689 passwords.
 	 Please type a different password. Type a password
 	 that meets these requirements in both text boxes."
 		-- Microsoft takes security seriously in
 		Knowledge Base Article Q276304.

More information about the Gnupg-users mailing list