8192bit RSA keys
Manoj Srivastava
srivasta at ieee.org
Sun Jul 26 08:38:22 CEST 2009
On Fri, Jul 10 2009, Werner Koch wrote:
> On Fri, 10 Jul 2009 05:52, srivasta at ieee.org said:
>
>> I have a 4096 bit RSA key -- can I create 2048 or 3072 bit
>
> 4096 is in fact also supported but that would require major changes in
> GnuPG, thus this published limit of 3072
>
>> subkeys and only copy these keys to the card? Or will the fact that the
>> primary key is 4096 bits stymie the operation?
>
> That works.
>
> However, 3072 bit signing had another bug which I fixed this morning.
> Thus you need to use the latest SVN.
I can report that 2048 bit RSA subkeys can be generated on the
machine, transferred to the version 2 card, and they work.
However, working with gnupg2 from Thursday VCS, 3072 bit keys
can be created, transferred to the card, and may encrypt files, but
decrypting the file failed with a cryptic "card error".
I am now happy with my 2048 bit keys :-)
manoj
--
UNIX was half a billion (500000000) seconds old on Tue Nov 5 00:53:20
1985 GMT (measuring since the time(2) epoch). -- Andy Tannenbaum
Manoj Srivastava <srivasta at acm.org> <http://www.golden-gryphon.com/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: </pipermail/attachments/20090726/fcf05851/attachment.pgp>
More information about the Gnupg-users
mailing list