SSH Agent keys >4096 bit?

Werner Koch wk at gnupg.org
Fri May 4 19:14:24 CEST 2012


On Fri,  4 May 2012 14:53, mwood at IUPUI.Edu said:
> Let me turn things around.  Other than providing opportunities to
> discuss the practicalities of large RSA keys, is there any reason why
> the agent should care what size key it is storing?

The OpenPGP parser has a limit on the size of the MPI which is at 16k
bits.  This is required to avoid DoS attacks.  Key generation is limited
in the way we allocate memory for prime generation and well, the
arbitrary limit of 4k RSA modulus.


Salam-Shalom,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-users mailing list