FAQ change, final draft

Doug Barton dougb at dougbarton.us
Tue Aug 12 22:12:50 CEST 2014


On 08/12/2014 12:58 PM, Robert J. Hansen wrote:
>> This and the answer below seem slightly contradictory. Or do you mean
>> that a switch to ECC is equivalent to using much bigger keys?
>
> The guidance from NIST is:
>
> [1] shannons of entropy needed
> [2] bits of symmetric key
> [3] bits of RSA/DSA/ELG
> [4] bits of ECDSA/ECetc.
>
>
> [1]     [2]     [3]     [4]
> 80      80      1024    160
> 112     112     2048    224
> 128     128     3072    256
> 256     256     ~15k    512
>
> The entropy of symmetric and ECDSA/ECetc. keys scales linearly with key
> length; the entropy of RSA/DSA/ELG keys scales logarithmically with key
> length.

I really like the new FAQ text, especially the point that moving to ECC
is the way to go forward, not larger RSA keys, and that sooner is better
than later.

Personally I think that the table above would be worthwhile to include 
in the FAQ (with a reference of course) too, since it bolsters the 
argument so well.

FWIW,

Doug
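
An added illustration, not part of either poster's message: this Python sketch recomputes column [1] of the quoted table from columns [3] and [4], using the number field sieve running-time heuristic for RSA and half the curve size for EC. The 4.69 offset (chosen so that 1024 bits comes out near 80), the reading of "~15k" as 15360, and all function names are assumptions of this example.

```python
import math

# Rows of the quoted table: (strength, symmetric, RSA/DSA/ELG, EC), all in bits.
# "~15k" is entered as 15360, which is an assumption of this example.
TABLE = [
    (80, 80, 1024, 160),
    (112, 112, 2048, 224),
    (128, 128, 3072, 256),
    (256, 256, 15360, 512),
]

def rsa_strength(modulus_bits):
    """Estimated work, in bits, to factor a modulus of the given size.

    Uses the number field sieve heuristic exp(c * n^(1/3) * ln(n)^(2/3)),
    with c = (64/9)^(1/3) ~= 1.923 and n = ln(modulus). The -4.69 offset is
    a calibration assumed here so that 1024 bits lands near 80.
    """
    n = modulus_bits * math.log(2)
    work = 1.923 * n ** (1 / 3) * math.log(n) ** (2 / 3) - 4.69
    return work / math.log(2)

def ec_strength(curve_bits):
    """Generic square-root attacks cost about half the curve size in bits."""
    return curve_bits / 2

def compare():
    """Return (table strength, RSA estimate, EC estimate) for each table row."""
    return [(s, round(rsa_strength(rsa), 1), ec_strength(ec))
            for s, _sym, rsa, ec in TABLE]

if __name__ == "__main__":
    print("table  rsa-est  ec-est")
    for strength, rsa_est, ec_est in compare():
        print(f"{strength:5d}  {rsa_est:7.1f}  {ec_est:6.1f}")
    # Doubling the key: EC strength doubles, RSA gains far less.
    gain = rsa_strength(4096) - rsa_strength(2048)
    print(f"RSA 2048 -> 4096 adds about {gain:.0f} bits of strength")
```

The RSA estimates land near the table's values rather than exactly on them, since the table lists rounded strength levels.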




More information about the Gnupg-users mailing list