Safety of the key and it's length
Robert J. Hansen
rjh at sixdemonbag.org
Mon Jan 26 16:01:38 CET 2009
Michał Gołębiowski wrote:
> I generated a gpg key using 'gpg --gen-key' (using GPG 1.4.6). What
> concerns me is that no matter how strong agorithm would I choose, it
> doesn't affect the size of the public & private key.
A 2048-bit number is just 256 bytes of data. There's a lot of stuff
which goes into a key, of which the secret values are only the smallest
> It's probably ok, but I wonder - how safe is the private key having
> exported ASCII signature sized circa 2600 bytes? Public key is
> similar in size.
Impossible to say from this information.
> I see many people have keys sized 4800 bytes and even 10x bigger. How
> to generate such longer keys? Is the size connected with GPG version
> I use?
Even a small key, 1024 bits, is probably much more secure than you are.
If your traffic is encrypted with even a 1k key, the likelihood of
someone attacking your traffic cryptanalytically is about zero. They'll
decide to try other means instead.
It's best not to obsess over key size. Larger is not better, but it's
not as if it hurts you, either.
More information about the Gnupg-users