Recommended key size for life long key

Robert J. Hansen rjh at
Sun Sep 1 02:43:15 CEST 2013

On 08/31/2013 05:46 AM, Ole Tange wrote:
> The FAQ
> recommends a key size of 1024 bits.
> Reading I am puzzled why GnuPG recommends that.

It shouldn't; NIST recommends 2048 bits for 20 years of security.

NIST notably makes no recommendations past 20 years, as they are deeply
skeptical of their ability to forecast out that far.  I suspect your
ability is no greater than theirs is, so I'd be very careful about
declaring a 10K key to be greater than your natural lifespan.

Per NIST, a 2048-bit key is of comparable difficulty to breaking 3DES.
Given the tremendous level of confidence people have in the long-term
suitability of 3DES, I am convinced a 2048-bit key will outlast my
ability to remember the passphrase to it.

More information about the Gnupg-users mailing list