Recommended key size for life long key

Josef Schneider josef at
Sun Sep 1 13:12:20 CEST 2013

I just use 4096 bit because that is the biggest size my OpenPGP Cards can
handle.  In my opinion using a smart card instead of online keys increase
security far more than strange large key sizes!
I also see no point using less than 4096 because modern hardware is fast
enough. Maybe my keys last longer that way.
Am 01.09.2013 02:43 schrieb "Robert J. Hansen" <rjh at>:

> On 08/31/2013 05:46 AM, Ole Tange wrote:
> > The FAQ
> > recommends a key size of 1024 bits.
> >
> > Reading I am puzzled why GnuPG
> recommends that.
> It shouldn't; NIST recommends 2048 bits for 20 years of security.
> NIST notably makes no recommendations past 20 years, as they are deeply
> skeptical of their ability to forecast out that far.  I suspect your
> ability is no greater than theirs is, so I'd be very careful about
> declaring a 10K key to be greater than your natural lifespan.
> Per NIST, a 2048-bit key is of comparable difficulty to breaking 3DES.
> Given the tremendous level of confidence people have in the long-term
> suitability of 3DES, I am convinced a 2048-bit key will outlast my
> ability to remember the passphrase to it.
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20130901/ab84be73/attachment.html>

More information about the Gnupg-users mailing list