2048 or 4096 for new keys? aka defaults vs. Debian

Christoph Anton Mitterer calestyo at scientia.net
Sat Oct 26 23:44:38 CEST 2013

On Sat, 2013-10-26 at 14:13 +0200, Werner Koch wrote:
> Now, if
> you want to protect something you need to think like the attacker - what
> will an attacker do to get the plaintext (or fake a signature)?  Spend
> millions on breaking a few 2k keys (assuming this is at all possible
> within the next decade) or buy/develop/use a zero-day?

Well with that "argument" you can always defeat any crypto... a "real
attacker" will not care whether you use 786 bit RSA keys or 16k bit
keys... he comes for you and tortures you until you happily give him
anything he wants...


More information about the Gnupg-users mailing list