2048 or 4096 for new keys? aka defaults vs. Debian

Johan Wevers johanw at vulcan.xs4all.nl
Fri Oct 25 23:45:50 CEST 2013


On 25-10-2013 1:46, Robert J. Hansen wrote:

> Mostly zealotry.  According to NIST, RSA-2048 is expected to be secure
> for about the next 25 years.

The authority of NIST is of course severely reduced since the Snowden
revelations and their own suspicious behaviour with the Dual EC PRNG.

Further, if they expect it to be secure for only 25 years, that is
sufficient for people to upgrade if they expect to remain alive over 25
years (although in this case it might not apply since the key is only
used for signatures and adding backdoors in a 25 year old OS will not be
very useful).

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html



