OpenPGP card decryption with 4096bit keys bugfix??
Robert J. Hansen
rjh at sixdemonbag.org
Wed Dec 26 14:22:44 CET 2012
On 12/26/2012 2:42 AM, Josef Schneider wrote:
> first thing: I am not subscribed to this list, so please CC me in replies.
You will have better luck if you join the list. I can almost guarantee
you that somewhere in this thread someone will have useful thoughts to
contribute and they will not remember to cc you.
> I recently bought a OpenPGP smart card and want to use 4096bit keys and
> This doesn't work for decrypting with any released gpg version!
The easiest way to fix your problem is to consider whether 3072-bit
crypto is sufficient for your purposes. It almost certainly is.
4096-bit crypto does not give you very much of an edge over 3072-bit
crypto. Per NIST:
Asymmetric size Equivalent symmetric size
1024 bits 80 bits
2048 bits 112 bits
3072 bits 128 bits
4096 bits --------
NIST doesn't even give an estimate for 4096-bit keys. My suspicion is
they would come in around 134 bits or so, but that's just a hunch.
This makes 4kbit keys the "odd man out." If 128-bit crypto is
sufficient for your purposes (and it's sufficient for virtually all
purposes!), then a 3072-bit key is also sufficient. If you're in one of
the rare niches where 256-bit crypto is necessary then you've got two
choices: use a 15,000-bit RSA key or else switch to elliptical-curve
Either way, there are very few cases where RSA-4096 is necessary. (I've
personally never seen or heard of one, but I'm not going to claim they
don't exist at all.)
More information about the Gnupg-users