Recommended key size for life long key

Henry Hertz Hobbit hhhobbit at securemecca.net
Sun Sep 1 01:24:43 CEST 2013 

On 08/31/2013 08:27 PM, Anthony Papillion wrote:

> Personally, I trust my 4096 bit key for now until ECC is integrated
> into GnuPG. Then, I'll recreate my keys. Looking for a key that will
> never be broken is like looking for the fountain of youth: it's a nice
> idea but not realistic to plan your life around. Security is always
> moving. You have to be prepared to move with it.

And I was flamed for suggesting a 4096 bit key just a short six
years ago.  Currently I am using 2048R/2048R but I don't have
top-secret needs. You should tailor your keys lengths and other
factors to both yours AND OTHERS needs. The last time I checked
I wasn't enciphering top-secret level embassy communiques.  Make
your keys to match their intended uses and part of that is what
others can handle. But other than your key size maybe being too
large for an iPhone (currently) all the rest of the advice you
have given here is good.  I noticed my previous 4096R/4096R did
take a little bit of time and would not be appropriate for a
person with s single core CPU so my current keys are 2048R/2048R
so they can handle it.  I especially like your fountain of youth
analogy.  It lets people know that there is no totally secure.
There is only what is currently best for yours and others
you communicate with needs.

My main concern is that they don't upload those keys instantly to the
key-servers after creating them.  Play around with them for a while.
Many people create keys with the following factors

- no expire date - my current ones were for ten years but I can
  always revoke them if the key sizes finally become too small.
  They have lasted 2+ years now and I see no reason for them
  not to last at least another 3-5 years.  But the day will come
  when they will no longer be adequate.  There is no such thing
  as keys that can be used forever.
- key sizes too large for THEIR needs and most especially for
  other people's needs.  The key size really should be created
  to match OTHER people's needs more than yours.
- passphrases that are either too short and simple or the opposite
  of being so long and and convoluted that even a top Jeopardy
  champion couldn't remember them.
- no thought or knowledge of changing the preferences of their
  ciphers, digests and other factors.  It isn't just the key sizes.
  http://www.securemecca.com/public/GnuPG/GnuPG_Prefs.txt
- uploaded WAY too soon to the key-servers without playing
  around with them for a while.  This last issue is CRITICAL.
  They just don't understand the need to play and think for
  a sufficiently long time.  They want to use what they have
  with others immmediately.  LEARN PATIENCE!
- don't immediately generate a key revoke and encipher the
  revoke file.

I think most beginners would actually be better off with
writing down their pass-phrase and storing it in a safety box
but at the same time giving their keys a reasonable expire date.
That is better than a key that they don't use enough, forget the
pass-phrase, and then their key is lodged on the key-servers
forever with no expration date and no chance for it to
gracefully expire and pass on into history.  It would also
give them the opportunity to revoke the keylater on.  I know.
I said they should generate a revoke key file but they didn't
do it.  But at least with with the pass-phrase in a strong
box they have the opportunity to revoke and upload the revoked
keys to the key-servers.

The 10K bit key size being spoken should be a play-toy to
find out why it should NOT be used.  That ten minutes to
generate with the hottest CPU out there would probably be a
pain for me even with my dual-core and lower level quad-core
systems.  I suspect it may take as long as ten seconds to verify
a signed message. They would have no problems sending me an
enciphered message with my shorter 2048R key and even a
TWOFISH cipher. But I would suspect me sending them a PK
enciphered message even with a CAST5 symmetric cipher as
their first choice would take a LONG time.  For an iPhone
user it would be utterly impossible.  PITA my foot!  Just
remember there are probably more iPhone users now than there
are PC owners.

HHH

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 555 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130831/231f150e/attachment.sig>

More information about the Gnupg-users mailing list