Should I be using gpg or gpg2?

Johan Wevers johanw at
Tue Sep 29 17:28:22 CEST 2015

On 28-09-2015 22:26, Robert J. Hansen wrote:

> RSA-3072 is not all that much stronger than RSA-2048, and RSA-4096 adds even less.

AFAIK RSA-3072 (and ElGamal-3072) are comparable to AES-128. That's
strong enough for the forseable future; the only known thing they are
vyulnerable to (except for rubber-hose cryptography, keyloggers and
other "cheats") is a working quantum computer But if we have that, this:

> The future is clear: 512-bit ECC, which is about as resistant to
> brute-forcing as AES256.

won't help either and you need things like lattice cryptography (with
even bigger keys unfortunately).

ir. J.C.A. Wevers
PGP/GPG public keys at

More information about the Gnupg-users mailing list