GPG's vulnerability to quantum cryptography

David Q. davidq at
Tue May 13 18:03:03 CEST 2014

GPG encrypted data (using RSA) can be collected today and easily decrypted
after 50-100 years using a quantum computer. See:

For this reason, what I do today is share long keys with people I know *in
person*. We then use regular AES-256 to encrypt/decrypt our messages back
and forth. Every 6 months we meet in person to renew our keys. (To be more
secure, we actually create the keys in portions via in-person at different
places, OTR, SMS, landline phone, mobile phone, and snail mail.)

AES-256 is not vulnerable to quantum cryptography as RSA is, so we feel
much safer this way.

What are your thoughts on these issues? Why do you keep using GPG, knowing
that your data may easily end up out in the open on Google or The Pirate
Bay a few decades from now?

Are there any plans for added security measures in GPG given how
vulnerable it is? For instance, any plans for adding quantum safe public
key crypto alternatives to RSA?

More information about the Gnupg-users mailing list