what are the sub keys

Robert J. Hansen rjh at sixdemonbag.org
Wed Mar 23 22:17:10 CET 2011

On 3/23/2011 5:05 PM, Jeffrey Walton wrote:
> Bad judgement or best practice? Some folks must use a key with a 128
> bit security level.

Some do, yes: but your citations don't seem to support that.  NIST says
that for unclassified purposes, 112 effective bits of security is enough
until 2030 (page 65).

Your ECRYPT ref says 80-bit keys are secure until 2012.  128-bit crypto
is defined as "long-term security", for three decades or more (page 32).

Given most people stipulate the need for longer keys for multi-decade
use, I don't see that the authorities you cited suggest "best practice"
is to use, effective today, 3072-bit keys to provide 128 effective bits
of security.

More information about the Gnupg-users mailing list