2048 or 4096 for new keys? aka defaults vs. Debian

Paul R. Ramer free10pro at gmail.com
Sat Oct 26 02:39:58 CEST 2013


Johan Wevers <johanw at vulcan.xs4all.nl> wrote:
>On 25-10-2013 1:46, Robert J. Hansen wrote:
>
>> Mostly zealotry.  According to NIST, RSA-2048 is expected to be
>secure
>> for about the next 25 years.
>
>The authority of NIST is of course severely reduced since the Snowden
>revelations and their own suspicious behaviour with the Dual EC PRNG.
>
>Further, if they expect it to be secure for only 25 years, that is
>sufficient for people to upgrade if they expect to remain alive over 25
>years (although in this case it might not apply since the key is only
>used for signatures and adding backdoors in a 25 year old OS will not
>be
>very usefull).

Well, this assumes that you need 25 years of security. If your messages *must* remain uncrackable for that length of time, you may want to take many more measures to ensure the secrecy of what is being communicated, e.g. physical security, intranet mediated messages versus Internet mediated messages, etc.

Cheers,

--Paul
--
PGP: 3DB6D884



More information about the Gnupg-users mailing list