Some people say longer keys are silly. I think they should be supported by gpg.
david at gbenet.com
Tue May 22 14:34:20 CEST 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 22/05/12 09:58, tim.kachao at gmail.com wrote:
> I think it should be okay to dredge up this topic every couple years. From
> what I am reading, links below, I do not feel comfortable with the key
> length and algorithmic security offered by GPG's defaults.
>
> I have not been able to figure out how to get keylengths greater than 3072
> for DSA/ElGamal or >4094 rsa, so I conclude that generating them is
> unsupported by GPG although GPG can use them. I have seen many people
> saying that these types of key lengths are way more than anyone could
> reasonably need, but I am skeptical.
>
> I am involved in a local Occupy (bet you thought occupy was kaput eh? well
> as it were known it is but that's another story) and frankly we aren't
> just up against one intelligence agency, but all intel agencies put
> together. An entire global class of people. You can argue that they may
> be uninterested in me, however I don't buy that argument at all because
> they have spent (possibly a lot) more than a thousand dollars at least on
> me personally at this point I am sure in policing costs to try to
> surveil and intimidate me, after you divide down.
>
> The eviction alone at my occupy cost (probably greatly) in excess of
> $16,000 to arrest 8 people, and involved almost 200 cops for 4 hours.
> There are also estimates made that in the US 1 in 6 "protestors" is
> actually a government agent of one sort or another, dept of defense,
> homeland security, fbi what have you. And that excludes any thugs the
> bankers put in the crowd as privately hired types.
>
> Secondly I want my communications to remain unread into the relatively
> distant future. Given the sort of crap the 1% do wrt murdering and
> maiming vast quantities of people for a couple extra bucks I would not be
> the least bit surprised if 20 years from now they "disappeared" me
> because I passed out some pamphlets that said "end class war now".
>
> An enemy is an enemy, and enemies must be smooshed, right? Why take risks
> like letting an innocent person live if they might conceivably scratch
> your gravy train at some point in the future? Abductions and bullets
> aren't that expensive once you got everything all set up, it's a good
> investment.
>
>
> I'm 23 now and I take various modest precautions to ensure that I have the
> best chance I can to remain in good health when I am 43. Or 63. A couple
> hundred extra milliseconds of decryption/encryption time per message for
> a key longer than 3072 or 4092 sounds like a good choice frankly. Is
> that not what we are looking at?
>
> And yes I recognize that it would be a lot easier for them to plant spyware
> on my computers than break the keys, however they can't plant spyware on
> everyone's computer without people noticing. They do slurp up and
> probably store indefinitely all text -and many other- communications on
> the internet (carnivore etc.). In the future, data they don't have they
> can't use. There is always a substantial probability that they will not
> get my keys with spyware, and I would like to capitalize (If you'll pardon
> me) on that.
>
> Fourthly a little safety margin never hurt.
>
> I think it should be easier to pick longer keys. Also info should be
> included in the compendium regarding practical aspects of key choice,
> like a table that shows how long it takes to encrypt a symmetric key with
> 2048, 4092 etc. Or even just a table in which you select your
> adversary, then your time horizon, and it tells you what key lengths are
> suitable, with due warnings and notes regarding the possibility of
> quantum computers, mathematical advances etc.
>
> I understand that no matter how long the keys are it's still only a
> relatively small part of the equation. However I thought it was the norm
> to pick something that basically eliminated concern about the encryption
> being broken, so one could forget about that part and focus on the
> rest of your security worries.
>
> My trust in GPG has been disturbed by this state of affairs. I thought I
> could just trust the defaults but I am finding that they may not really
> include the safety margin that people desire. I shudder to think of
> people who are doing more serious stuff in the class war than little ol'
> me (which isn't hard).
>
> Links:
> http://en.wikipedia.org/wiki/RSA_%28algorithm%29
> -http://www.schneier.com/essay-368.html < note that this was written in 1998
> http://www.rsa.com/rsalabs/node.asp?id=2004 this one in particular makes
> it clear that it is not unreasonable for someone in my position to choose
> a 4096 bit key.
>
>
> http://en.wikipedia.org/wiki/Key_length wikipedia says the U.S. Government
> requires 192 or 256-bit AES keys for highly sensitive data. A 3072 bit
> RSA or elGamal key is about equivalent to 128 bit symmetric key, right?
> And a 256 bit key length equivalent public key is about 15,387 bits. I
> think if people want to use the same level of encryption for their data
> that the government uses shouldn't that be supported at least in command
> line mode?
> http://www.win.tue.nl/~klenstra/aes_match.pdf good paper on equivalencies
> in computation and cost of public key vs. symmetric.
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
Some say that all the power of the universe - and all the time it's been in existence will
not crack a 2048 bit key with a secure passphrase. So by the time the universe is well and
truly over and some poor sod of a government agent is alive and well he will not have
cracked yer e-mails or indeed any encrypted data. Can you imagine that power from a
computer? No. The mind boggles at the energy it would consume - a million million million ad
infinitum suns.
But the "key" to all this is them holding your private key - it would be quicker and a lot
simpler to crush your balls with a pair of pliers - you will give up your most treasured
possession - your passphrase. This is the meaning of brute force attacks on your key.
The strength of your passphrase is critical - alphanumerics take the whole universe to crack
whereas a phrase like:
"marymary&%/*had*)/+a:+=little$£"KL$Donkey#*hadxxxabad%$*JHGbadIUNG6**leg^)andalways@#][a\|little-0UHKTwalkedUKL:@?^wonkey
is a good key it will last you forever - if you can stand having your balls crushed. So the
best form of security would be to invest in a sturdy steel codpiece and a long passphrase.
David
- --
“See the sanity of the man! No gods, no angels, no demons, no body. Nothing of the
kind. Stern, sane, every brain-cell perfect and complete even at the moment of death. No
delusion.” https://linuxcounter.net/user/512854.html - http://gbenet.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----