FAQ change, final draft
dougb at dougbarton.us
Tue Aug 12 22:12:50 CEST 2014
On 08/12/2014 12:58 PM, Robert J. Hansen wrote:
>> This and the answer below seem slightly contradictory. Or do you mean
>> that a switch to ECC is equivalent to using much bigger keys?
> The guidance from NIST is:
>  shannons of entropy needed
>  bits of symmetric key
>  bits of RSA/DSA/ELG
>  bits of ECDSA/ECetc.
>    
> 80 80 1024 160
> 112 112 2048 224
> 128 128 3072 256
> 256 256 ~15k 512
> The entropy of symmetric and ECDSA/ECetc. keys scales linearly with key
> length; the entropy of RSA/DSA/ELG keys scales logarithmically with key
I really like the new FAQ text, especially the point about moving to ECC
is the way to go forward, not larger RSA keys, and that sooner is better
Personally I think that the table above would be worthwhile to include
in the FAQ (with a reference of course) too, since it bolsters the
argument so well.
More information about the Gnupg-users