Linux crypto killer application // key lengths // govt. standards
vedaal at hush.com
Thu May 15 16:00:32 CEST 2008
>Message: 9
>Date: Thu, 15 May 2008 15:26:26 +0200 (CEST)
>From: "Michel Messerschmidt" <lists at michel-messerschmidt.de>
>Subject: Re: Linux crypto killer application
>Actually the legal requirements changed this year.
>1024 bit RSA and SHA-1 are not sufficient anymore. 2048 bit is
>recommended and at least 1280 bit is required (see
>http://www.bundesnetzagentur.de/media/archive/12198.pdf for
>details).
>
>Still I haven't seen any legal requirement beyond 2048 bit RSA/DSA
>yet.
>But the retirement of SHA-1 may become an issue for OpenPGP.
fwiw,
here is a US gov guideline/recommendation for keylengths:
http://snad.ncsl.nist.gov/dnssec/FISMA-dnssec.html
it quotes
'NIST Special Publication 800-57: Recommendations for Key
Management'
and lists the table of projected keylengths until 2030
gnupg's 4096 and sha-512 capability,
together with 256 bit symmetric algorithms,
seem *more than enough* ;-)
vedaal
any ads or links below this message are added by hushmail without
my endorsement or awareness of the nature of the link
More information about the Gnupg-users
mailing list