4096 bit keys

Grant Olson kgo at grant-olson.net
Wed Mar 23 01:04:24 CET 2011


On 03/22/2011 07:29 PM, Robert J. Hansen wrote:
> On 3/22/2011 6:53 PM, Grant Olson wrote:
>> The actual cutting-edge solution is to move from RSA to ECC.  Even an
>> 8192-bit or 16k-bit RSA key isn't approved by the NSA or NIST for TOP
>> SECRET materials, but ECC-521 is.
> 
> Do you have a cite for that?  I know ECC is approved, but I've never
> been able to find confirmation one way or another that ECC is the *only*
> publicly-acknowledged asymmetric algorithm approved for TS.  Any
> heads-up you could give would be appreciated.
> 

I suppose in the sense I can't prove a negative, I don't have a cite.
There could be another recommendation out there, but I was going off of
NSA Suite B.  (Link and text follow.)  It says that RSA 2048-bit keys
can be used while transitioning to ECC, but for SECRET level only.  It
also says ECC-384 is good enough for TOP SECRET.  I just mis-remembered
that as ECC-521.

http://www.nsa.gov/ia/programs/suiteb_cryptography/

"""
AES with 128-bit keys provides adequate protection for classified
information up to the SECRET level. Similarly, ECDH and ECDSA using the
256-bit prime modulus elliptic curve as specified in FIPS PUB 186-3 and
SHA-256 provide adequate protection for classified information up to the
SECRET level. During the transition to the use of elliptic curve
cryptography in ECDH and ECDSA, DH, DSA and RSA can be used with a
2048-bit modulus to protect classified information up to the SECRET level.

AES with 256-bit keys, Elliptic Curve Public Key Cryptography using the
384-bit prime modulus elliptic curve as specified in FIPS PUB 186-3 and
SHA-384 are required to protect classified information at the TOP SECRET
level. Since some products approved to protect classified information up
to the TOP SECRET level will only contain algorithms with these
parameters, algorithm interoperability between various products can only
be guaranteed by having these parameters as options.

"""


-- 
-Grant

"Look around! Can you construct some sort of rudimentary lathe?"
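Added worked example, not part of Grant's message or the Gnupg-users thread: the key-size comparison the thread is circling around, made concrete. It estimates the symmetric-equivalent strength of RSA/DH moduli with the usual GNFS cost heuristic (the 1.923 and 4.69 constants are this example's assumption, chosen to reproduce the NIST SP 800-57 mapping 2048 -> 112, 3072 -> 128, 7680 -> 192, 15360 -> 256), takes ECC strength as half the curve size, and then checks each parameter against what the Suite B text quoted above actually lists. The point it makes visible is the one in the message: 8192-bit and 16384-bit RSA land at or above the 192-bit strength of P-384, yet the quoted text lists RSA only at 2048 bits, and only as a transitional option for SECRET.

```python
import math

# Added example (not from the mailing-list thread).  The GNFS constants are
# the common heuristic for RSA/DH strength; treat them as an assumption here.

STRENGTH_BINS = (80, 112, 128, 192, 256)   # NIST SP 800-57 security strengths


def rsa_strength_bits(modulus_bits):
    """Estimated strength of an RSA/DH modulus, from the cost of the general
    number field sieve (L[1/3, 1.923] minus a fixed offset), in bits.
    Returns a float, e.g. about 110 for a 2048-bit modulus."""
    ln_n = modulus_bits * math.log(2)            # ln(n) for n ~ 2**modulus_bits
    work = 1.923 * (ln_n * math.log(ln_n) ** 2) ** (1.0 / 3) - 4.69
    return work / math.log(2)


def ecc_strength_bits(curve_bits):
    """Strength of a prime-order curve: half the group size (Pollard rho)."""
    return curve_bits / 2.0


def nearest_strength_bin(raw_bits):
    """Map a raw estimate to the closest NIST level (2048 -> 112, 3072 -> 128)."""
    return min(STRENGTH_BINS, key=lambda b: abs(b - raw_bits))


def suite_b_level(algorithm, bits):
    """Highest classification level at which the quoted Suite B text lists
    this algorithm/size, or None if the text does not list it at all."""
    listed = {
        "aes": {128: "SECRET", 256: "TOP SECRET"},
        "ecc": {256: "SECRET", 384: "TOP SECRET"},   # P-256, P-384 (FIPS 186-3)
        "sha": {256: "SECRET", 384: "TOP SECRET"},
        "rsa": {2048: "SECRET"},                     # transitional use only
        "dh": {2048: "SECRET"},
        "dsa": {2048: "SECRET"},
    }
    return listed.get(algorithm, {}).get(bits)


def summarize(algorithm, bits):
    """Return (estimated strength bin, Suite B level or None) for one parameter."""
    if algorithm == "ecc":
        raw = ecc_strength_bits(bits)
    elif algorithm in ("rsa", "dh", "dsa"):
        raw = rsa_strength_bits(bits)
    else:
        raw = float(bits)          # symmetric cipher: key length is the strength
    return nearest_strength_bin(raw), suite_b_level(algorithm, bits)


if __name__ == "__main__":
    # Constructed sample of the sizes discussed in the thread.
    for alg, bits in [("rsa", 2048), ("rsa", 4096), ("rsa", 8192),
                      ("rsa", 16384), ("ecc", 256), ("ecc", 384), ("ecc", 521)]:
        strength, level = summarize(alg, bits)
        print(f"{alg.upper():3} {bits:5d}  ~{strength:3d}-bit  Suite B: {level}")
```

Running it shows RSA 4096 binned at 128 bits, RSA 8192 at 192 and RSA 16384 at 256, while suite_b_level() returns None for all three; P-521 likewise estimates at 256 bits but is absent from the quoted list. Suite B is a fixed parameter list for interoperability, not a strength threshold, so "strong enough" and "approved" are different questions.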
