FAQ change, final draft

Robert J. Hansen rjh at sixdemonbag.org
Tue Aug 12 21:58:03 CEST 2014


> This and the answer below seem slightly contradictory. Or do you mean
> that a switch to ECC is equivalent to using much bigger keys?

The guidance from NIST is:

[1] shannons of entropy needed
[2] bits of symmetric key
[3] bits of RSA/DSA/ELG
[4] bits of ECDSA/ECetc.


[1]     [2]     [3]     [4]
80      80      1024    160
112     112     2048    224
128     128     3072    256
256     256     ~15k    512

The entropy of symmetric and ECDSA/ECetc. keys scales linearly with key 
length; the entropy of RSA/DSA/ELG keys scales logarithmically with key 
length.



More information about the Gnupg-users mailing list