Any way to get smaller key sizes?

Jason Barrett JBarrett at lyrix.com
Wed Sep 28 16:29:40 CEST 2005


Thanks for the responses, all.  Good stuff.

Alaric wrote:

  "considering this

  https://www.financialcryptography.com/mt/archives/000551.html

  why would you bother with anything less than 2048 bit keys."

I'm inclined to agree with you, from a security standpoint.  I appreciate
you sending this as it gives me some 'ammunition' against colleagues of
mine who argue that the additional storage taken up by encrypted data
trumps the security of a long cryptography key.  But, there are those who
feel that way, especially since the encryption is not going to be the weak
link in our data security for this product, at least for now.

David wrote:

  Yes, but it's almost impossible to answer this because it's not clear
  what you're doing.  Are you storing the keys or the results?  1024 bit
  keys with what algorithm?  The only key type that is locked to 1024
  bits is DSA and that's a signing algorithm, so encryption never comes
  into the equation.

The key that's used for encryption, according to the Handbook, is the
El-Gamal sub-key that gets created, along with the DSA signing key, when
you invoke 'gpg --gen-key'.  The concern is over database storage of the
results, not the keys.  I could store them outside the database, but I'd
rather not as that adds a level of indirection, additional complexity, and
another point of failure to the design.  The algorithm is whatever is used
by 'gpg --encrypt'.

In a nutshell, I'm encrypting data entered via a website and storing it in
a database for later retrieval and decryption by real-time user programs.
I don't want to give up the value that the PGP brand adds to the product,
but I can understand that some of my colleagues have concerns about the
storage requirements, even though I have done worst-case analyses which
indicate that the storage we need is available at minimal cost.  I'm
willing to address those concerns with some weakening of the public key
security, given that there are other mechanisms in place to protect vital
data (SSL for one).

Thanks again!




More information about the Gnupg-users mailing list