1024 key with 2048 subkey: how affected?

Chris Poole lists at chrispoole.com
Mon Jan 23 15:18:54 CET 2012

On Sun, Jan 22, 2012 at 4:02 AM, Robert J. Hansen <rjh at sixdemonbag.org> wrote:

>  A 1024-bit key has about an 80-bit keyspace, which is a factor of 16 million
> larger.  Given the advances in supercomputing in the last decade it is
> reasonable to believe 1024-bit keys are either breakable now or will be in the
> near future, but only at incredible cost.

If the only purpose of the primary key (in my case, where I have subkeys for
signing and encryption) is to sign the subkeys, why not simply make it stupidly
large? Equivalent to 256 bits with a symmetric cipher, or 512 bits?

Then, simply issue 2048 bit keys for encryption or signing as and when required,
all signed by this master key.

It would not really be used in day to day duties, since the subkeys will be used
for this.

(I guess, assuming of course that a key strengthening or lengthening algorithm
is used for the primary key.)



More information about the Gnupg-users mailing list