Seperate RSA subkeys for decryption and signing or one for both?
Hubert Kario
hka at qbs.com.pl
Tue Dec 4 13:19:11 CET 2012
On Monday 03 of December 2012 12:41:10 Hauke Laging wrote:
> Hello,
>
> are there arguments for preferring either
>
> a) having one RSA subkey for decryption only and one for signing only
>
> or
>
> b) having only one RSA subkey for both decryption and signing?
>
> Do any problems arise with the smartcard if the same key shall do different
> tasks?
Keys can become "used up" so it entirely depends on how often you use it.
What I mean by that, is that any signing operation leaks some information
about the key used for signing (generally far less than few tens of a bit).
If you have signed tens of thousands of documents with it, an attacker can
recover substantial portion of the key and speed up the key recovery.
Regards,
--
Hubert Kario
QBS - Quality Business Software
02-656 Warszawa, ul. Ksawerów 30/85
tel. +48 (22) 646-61-51, 646-74-24
www.qbs.com.pl
More information about the Gnupg-users
mailing list