2048 or 4096 for new keys? aka defaults vs. Debian
Robert J. Hansen
rjh at sixdemonbag.org
Sun Oct 27 18:27:26 CET 2013
On 10/27/2013 10:41 AM, MFPA wrote:
> Couldn't a cryptographically broken algorithm also raise the problem
> of forged digital signatures?
Yes and no. The mistake people make when discussing digital signatures
is to treat them as a purely mathematical exercise rather than as
something that exists within a legal framework.
Let's say that tomorrow I lose my passphrase and make a new keypair.
Then in 25 years someone approaches me with a signed OpenPGP message
dated Christmas 2013, saying "I agree to pay you one million dollars at
Christmas 2038." I scream it's a forgery, they scream it's valid, we go
to trial.
Who do you think the judge will believe -- that this message, which
nobody can produce any evidence existed prior to 2038, is real? Or that
it's some clever shenanigans made possible by newly-developed technology
which made my old keypair vulnerable?
Just because a digital signature can be forged *mathematically* is no
guarantee the signature can be forged *in actuality*.
More information about the Gnupg-users
mailing list