key length/size RSA discussion/recommendations in the wiki

Robert J. Hansen rjh at
Wed Oct 29 22:23:51 CET 2014

> More likely 128 was a typo for the more common older RSA key of 1028 
> ...

Either-or.  RSA-1024's dangerously close to being brute-forceable, too.
We've already brute-forced RSA-768 and we're closing in on RSA-890.  I
haven't looked into how well the general number field sieve
parallelizes, but I wouldn't want to take bets on how long RSA-1024
could stand up to a massive Amazon Cloud instance.

More information about the Gnupg-users mailing list