2048 or 4096 for new keys? aka defaults vs. Debian

[Hauke Laging]

Am Fr 25.10.2013, 23:45:50 schrieb Johan Wevers:

> Further, if they expect it to be secure for only 25 years,

This means that every single key is secure over that time. It means that after 
25 years organizations with huge resources may be able to crack a *single* key 
in a lot of time (rather a year than a day). So even within the next 35 years 
THEY have to make a very small selection which keys they want to break as then 
there will be a few million 2048-bit keys around. And that requires that the 
law doesn't change within that time, forcing the agencies to delete most of 
the stored encrypted data. The US government is just realizing that their 
current approach causes costs beside those in the budget.

And we have not even talked about the different security levels of keys. The 
default setting of gpg should be suitable for normal keys i.e. keys for 
everyday communication. If you need a high security key then you need to know 
a lot about IT security anyway because the keys are the strongest part of the 
system. Those who know how to do the rest right obviously know whether and how 
to increase the key size.

Why should anyone 25+ years from now spend a huge amount of resources in order 
to read a tiny part of today's everyday communication (or a big part in 40 
years)? That makes absolutely no sense. How do you want to explain that in a 
democracy, "hunting terrorists"?


Hauke
-- 
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 572 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20131026/fc71d355/attachment-0001.sig>