RSA 1024 ridiculous
Janusz A. Urbanowicz
alex at bofh.net.pl
Tue Jun 19 16:05:30 CEST 2007
On Sun, Jun 17, 2007 at 01:02:58PM -0500, Andrew Berg wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: RIPEMD160
>
> Atom Smasher wrote:
> > gpg does support RSA-2048/SHA-256 (or even RSA-4096/SHA-512) which
> > is what i've been using for a while now. i'll sign this email with
> > RSA-2048/SHA-256 (my default on this key) just to show what it
> > looks like. it's a big signature block, but not ridiculous and on a
> > reasonably powerful computer it's hardly a noticeable delay to
> > work with such keys.
> Try signing/encrypting files that are tens, hundreds, or thousands of
> megabytes in size. Sure, your average machine can sign/encrypt
> messages that don't even fill a cluster without breaking a sweat, but
> if the sensitive data is large, RSA-4096 isn't a good choice unless a
> gov't agency wants that data.
Erm... when you use OpenPGP, or really any other modern crypto
protocol, you don't put actual plaintext through RSA, RSA operates
only on a hash or random session key for symmetric cipher.y
=alx
--
JID: alex at hell.pl
PGP: 0x46399138
od zwracania uwagi na detale są lekarze, adwokaci, programiści i zegarmistrze
-- Czerski
More information about the Gnupg-users
mailing list