GPG's vulnerability to quantum cryptography

The Fuzzy Whirlpool Thunderstorm whirlpool at blinkenshell.org
Mon Jul 7 10:09:41 CEST 2014


On Sun, Jul 06, 2014 at 12:53:26PM +0100, MFPA wrote:
> At the same time, would you advocate decrypting all your encrypted
> files and encrypting them to the new key? Or were you just referring
> to encrypted communications?

It depends on how important the data is. Of course, if the data is so
important, when the expiration time comes, all the data encrypted with
the old key need to be decrypted and encrypted with the new generated
key.
Although it's not truly necessary to do this work when the data is no
longer considered as important.
For encrypted communication, it's better to use the new generated key
when the expiration time comes.
I don't enforce my idea to be applied by everyone. This is an advice for
myself to do a good gpg practice.
Someone may refer to a key revocation rather than enforcing an
expiration time. That's also good practice.
I believe everyone of you has a method to prevent quantum
cryptodecryption on your public keys.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: </pipermail/attachments/20140707/3c681503/attachment.sig>


More information about the Gnupg-users mailing list