4096 bit keys
Ingo Klöcker
kloecker at kde.org
Wed Mar 23 20:04:57 CET 2011
On Tuesday 22 March 2011, Jerome Baum wrote:
> Jonathan Ely <thajsta at gmail.com> writes:
> > I really wish 8192 would become available. Not that it would be the
> > end all/be all of key security but according to your theory it
> > sounds much more difficult to crack.
>
> Take that a few steps further. Why not use
> 99999999999999999999999-bit keys? Because they are much more
> difficult to compute. In fact if you go above a certain key size,
> since IIRC the exponent e is standardized and thus limited, your
> discrete logarithm is no longer discrete and so your key security
> just vanishes.
>
> In any case, 4096 bits will be secure for some time to come, and
> yes 8192 bits would be even more secure. We can take that as far as
> we wish but there are limits in the standard, in compatibility,
> and in the current implementation.
Most importantly, there are limits to the size of keys current hardware
(in particular all of those smart phone and tablet CPUs) can handle in
finite time. You surely do not want to wait tens of seconds to verify a
single RSA 8192 signature.
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20110323/193b2282/attachment.pgp>
More information about the Gnupg-users
mailing list