4096 bit keys

Jerome Baum jerome at jeromebaum.com
Wed Mar 23 00:44:24 CET 2011


Grant Olson <kgo at grant-olson.net> writes:

> On 03/22/2011 06:06 PM, Jonathan Ely wrote:
>> I really wish 8192 would become available. Not that it would be the end
>> all/be all of key security but according to your theory it sounds much
>> more difficult to crack.
>> 
>
> The actual cutting edge solution is to move from RSA to ECC.  Even a
> 8192 bit or 16k bit RSA key isn't approved by the NSA or NIST for TOP
> SECRET materials, but ECC-521 is.

Isn't ECDSA really vulnerable  to reused and predictable signature seeds
(don't know what they're called, I'm talking about "k")?

> ECC actually is up-and-running in the beta for gpg 2.1, but
> realistically it'll be (at least) a few years before it gets mainstream
> adoption.

You loose any interoperability as  it's not OpenPGP, right? It certainly
isn't in the commercial PGP. OT but  does anyone know how I can make PGP
stop trying to access my  (not plugged-in) smart-card reader? I have one
of those DATEV smart cards and PGP  seems to think "hey! I see there may
or may not possible be something available or temporarily unavailable or
not available at all  on this system that we like to  refer to as 'smart
card', and it may or may not be convenient for my user to use that thing
that we like  to refer to as 'smart card'. Instead  of bothering my user
with questions  about this so-called  'smart card' and whether  I should
use  it,  I'll  just call  the  API.  In  fact,  because my  user  might
accidentally click 'don't  use smart card (i.e. cancel)',  I'll run that
API call 5 times -- just to be sure."

-- 
PGP: A0E4 B2D4 94E6 20EE 85BA E45B 63E4 2BD8 C58C 753A
PGP: 2C23 EBFF DF1A 840D 2351 F5F5 F25B A03F 2152 36DA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 880 bytes
Desc: not available
URL: </pipermail/attachments/20110322/0ee30993/attachment-0001.pgp>


More information about the Gnupg-users mailing list