Problems using 10kbit keys in GnuPG instead of 4kbit keys

Pete Stephenson pete at heypete.com
Mon Sep 9 21:41:42 CEST 2013


On Mon, Sep 9, 2013 at 12:28 PM, Ole Tange <ole at tange.dk> wrote:
[snip]
> Hopefully that will stop people from recommending against 10kbit keys
> for the sake of the communication partners.

While it certainly seems that 10kbit keys offer reasonable performance
even for slow systems (thanks for doing the benchmarks on those
systems), there are also some practical concerns:

1. Most smartcards these days support 2048-bit keys, while OpenPGP
smartcards support 4096-bit keys. I'm not aware of any smartcard that
supports >4096 bits. It'd be nice to see hardware vendors offer cards
that can handle larger keys. I'm not sure what the demand for larger
keys is, but I imagine that smartcard support for larger keys would be
a long time coming.
2. How compatible are >4096-bit keys with various OpenPGP
implementations? It's nice to have a (presumably) secure key, but if
other people's software only supports 4096-bit keys as a maximum then
you can't really communicate with them. New features are slow to add
to both the standard and to various implementations: even though RFC
4880 says that OpenPGP implementations MAY implement hashes other than
SHA1, I've read some concern about compatibility with SHA256 and
SHA512 signatures and key certifications (I've not observed any such
issues, but I rarely interact with people using older software
versions that are unlikely to support it). I'm not sure what other
programs implement the standard or how well-supported extra large keys
would be.
3. Generating large keys with GnuPG requires that one patch the source
and recompile. This limits the creation of extra-large keys to those
who feel comfortable with doing this. It'd be interesting to see if
Werner would change the hard-coded maximum keysize from the current
4096 to, say, 8192 (or 15,360 or 16,384) bits so that users who desired
such keys could create them easily. (It'd probably be best to require
an "--expert" flag to expose such options, at least for a while.)

Thanks again for the interesting benchmarks and measurements.

Cheers!
-Pete

-- 
Pete Stephenson


