Why revoke a key?

Avi avi.wiki at gmail.com
Tue Oct 11 17:00:55 CEST 2011

> ---------- Forwarded message ----------
> From: "Robert J. Hansen" <rjh at sixdemonbag.org>
> To: Jerome Baum <jerome+person at jeromebaum.com>, gnupg-users at gnupg.org
> Date: Tue, 11 Oct 2011 08:27:47 -0400
> Subject: Re: Why revoke a key?
> On 10/10/2011 5:44 PM, Jerome Baum wrote:
>> But remember Murphy's(?) law! -- (I mean the one about doubling computer
>> power every 18 months -- are there two Murphy's laws? Confused now...)
> Moore's Law.
> For reference, a 40-bit key is breakable today by just about anyone, a
> 64-bit key is breakable today by people with access to significant
> computational resources (hundreds of machines), and it's plausible to
> believe fantastically wealthy adversaries can break 80-bit keys.
> In 1998, EFF's DEEP CRACK exhausted a 56-bit keyspace in roughly 24
> hours at a cost of $250,000.  Assuming Moore's Law holds true, that
> means it could be built today with equivalent performance for about $1,000.
> A 64-bit keyspace is only a factor of 250 harder: a DEEP CRACK/64 could
> theoretically be made at a cost of $250,000.  An 80-bit keyspace is a
> factor of 50,000 harder, more or less, putting the price of that at $12
> billion, somewhere in there.
> This is really rough back-of-the-envelope calculation, but it passes my
> sniff test.

Hash: SHA512

Somewhat outdated, but here is a webpage that makes some
comparisons. They don't give the bitsize of the keys, just the
number of combinations, but it is still representative.

Some other interesting, but likely outdated, discussions:

cloud.html> <-- discusses PGP

Version: GnuPG v1.4.11 (MingW32) - GPGshell v3.77
Comment: Most recent key: Click show in box @ http://is.gd/4xJrs



pub 3072D/F80E29F9 1/30/2009 Avi (Wikimedia-related key) <avi.wiki at gmail.com>
  Primary key fingerprint: 167C 063F 7981 A1F6 71EC  ABAA 0D62 B019 F80E 29F9

More information about the Gnupg-users mailing list