Encryption with key ID

Peter Lebbing peter at digitalbrains.com
Mon Jan 9 20:27:16 CET 2012


On 09/01/12 19:41, Remesh_Chandra at Dell.com wrote:
> I tried all those options; it generates the below error.
> gpg: fatal: too many random bits requested; the limit is 4799
> secmem usage: 3008/3008 bytes in 5/5 blocks of pool 3200/16384

You originally indicated the key was as such:

> pub  1024D/5XXXXX11 2005-08-08 ABC DEF GHI
> sub  6000g/99999993 2011-01-01

If I read that correctly as an ElGamal encryption subkey with a size of 6000
bits, it might be that GnuPG cannot work with this particular key because it is
too large. You could hack the source and compile your own version that does
work, but the more logical course of action would be to ask your vendor to
create a new key that can normally be used by off-the-shelf OpenPGP
implementations. The key is *huge*.

>From a more technical standpoint, my limited knowledge of ElGamal tells me that
you need ~6000 bits of randomness to encrypt to a key with a 6000-bit prime.
GnuPG complains it has a limit set at 4799 bits, so it errors out because it
can't generate enough randomness to encrypt the session key.

GnuPG offers me the range of 512 to 4096 bits for creation of an ElGamal key.


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt

More information about the Gnupg-users mailing list