GPG's vulnerability to quantum cryptography
Johan Wevers
johanw at vulcan.xs4all.nl
Sun Jul 6 16:25:57 CEST 2014
On 06-07-2014 9:36, The Fuzzy Whirlpool Thunderstorm wrote:
> Using GPG encryption is still good, although it's vulnerable to quantum
> cryptodecryption.
> It's a good idea to set an expiration for each of your GPG key.
> So that, when the expiration time comes, you'll be able to generate a
> new GPG key to address a possibility of your old keys being cracked.
I don't see the relation between these two. You don't know when quantum
computers who can break > 1024 RSA will be a reality so when should you
set the expiration date? And you can always revoke a key if something
like this happens, no need for expiration dates there either.
Since I don't know when I will consider a key compromised or weak, I
don't work with expiry dates but revoke the key in such a case.
> GPG is not perfect. It's just pretty good as the name suggest.
> At least, it'll be able to protect your secured data for the rest of
> your life or for the time specified at the expiration date.
If a key expires data will not be automatically decrypted. Nor will it
become unusable.
--
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
More information about the Gnupg-users
mailing list