GnuPG private key resilience against off-line brute-force attacks (was: Re: Backup of private key)

Nicholas Cole nicholas.cole at gmail.com
Sat Nov 28 18:54:12 CET 2009


On Sat, Nov 28, 2009 at 3:47 PM, David Shaw <dshaw at jabberwocky.com> wrote:

[snip]

> I'd suggest starting with the various calculators on
> http://www.keylength.com/

A very interesting website.  I followed the links, and found this document:

http://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml

It seems that the NSA is moving away from RSA/DH etc. cryptography,
and now "only" approves their use for secret level material.  They are
instead pushing elliptic curve cryptography.  I hadn't realised that
there was such pressure to move away from traditional key exchange.
Is this about the fear of quantum computing, or something else?

EC in gpg is still some way off, it seems.

N



More information about the Gnupg-users mailing list