Size of main key...

David Shaw dshaw at jabberwocky.com
Sun Feb 23 17:12:25 CET 2014


On Feb 23, 2014, at 10:54 AM, Laurent Jumet <laurent.jumet at skynet.be> wrote:

> 
> Hello David !
> 
> David Shaw <dshaw at jabberwocky.com> wrote:
> 
>>>   With 1.4.16, I suppose there is no way to change the size of the main
>>> key (actual 1024), isn't it?
>>>   I'm limited to RIPEMD160.
> 
>> If you're limited to using RIPEMD160 for some reason (or SHA-1, also a
>> 160-bit hash), then you are limited to a 1024-bit DSA key.  You are not
>> limited to using DSA though: you can make a RSA main key of whatever size
>> you desire, as RSA key sizes are not tied to the size of the hash.
> 
>    ...yes but I mean: I've a DSA 1024 key KeyID: 0xCFAF704C
>    Is there a way to upgrade to a 2048 key without changing main key KeyID: 
> 0xCFAF704C ?

No.  You can't add bits to a key, so the only way to do that is to make a new key, which would naturally give you a new key ID.  It is possible to generate many keys over and over until you randomly hit the key ID you want, but that could take a while.  It's not too bad to match the 32-bit (8-digit) key ID you see usually, but note that internally GnuPG uses 64 bits (16 digits) for most purposes, and no matter what you do, your fingerprint won't be the same in any case.

David




More information about the Gnupg-users mailing list