Second OpenPGP-card

Jacob Bachmeyer jcb62281 at gmail.com
Thu Feb 29 00:40:07 CET 2024


Werner Koch wrote:
> On Tue, 27 Feb 2024 20:52, Jacob Bachmeyer said:
>   
> [...]
>> logarithm problem and /vice versa/.  Accordingly, RSA1024 is now
>> considered sufficiently dubious that some implementations no longer
>> support it, such as the go-crypto/openpgp library used by the newer
>>     
>
> Which is a Bad Idea because it is up to the user or their implementation
> to decide which keys are trustworthy.  Being able to revoke rsa1024 keys
> is a useful feature.  Although MD5 (PGP2) can be considered as fully
> broken, rsa1024 is not in general broken.
>   

Agreed; I was not endorsing that position, but I see that I should have 
said "apparently considered" to make that a bit more clear.  I trust 
that GPG will continue to support the shorter RSA keys for the 
foreseeable future.

> But it is pretty fashionable to use an easy to exploit OS (e.g. not
> using the latest Linux kernel) and musing about RSA key strength.  Keep
> Shamir's law in mind.

Or even Windows, which remains disturbingly common in applications that 
probably need far less attack surface, like industrial control 
systems...  (Is the stupidity of management a main driver of Shamir's law?)


-- Jacob



