FAQ change, final draft
Doug Barton
dougb at dougbarton.us
Tue Aug 12 22:12:50 CEST 2014
On 08/12/2014 12:58 PM, Robert J. Hansen wrote:
>> This and the answer below seem slightly contradictory. Or do you mean
>> that a switch to ECC is equivalent to using much bigger keys?
>
> The guidance from NIST is:
>
> [1] shannons of entropy needed
> [2] bits of symmetric key
> [3] bits of RSA/DSA/ELG
> [4] bits of ECDSA/ECetc.
>
>
> [1]   [2]   [3]    [4]
> 80    80    1024   160
> 112   112   2048   224
> 128   128   3072   256
> 256   256   ~15k   512
>
> The entropy of symmetric and ECDSA/ECetc. keys scales linearly with key
> length; the entropy of RSA/DSA/ELG keys scales logarithmically with key
> length.

I really like the new FAQ text, especially the point that moving to ECC
is the way to go forward, not larger RSA keys, and that sooner is better
than later.

Personally I think that the table above would be worthwhile to include
in the FAQ (with a reference of course) too, since it bolsters the
argument so well.

FWIW,
Doug
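
An added example, not part of the original thread: it recomputes the quoted table's RSA and ECC columns to show how slowly RSA strength grows with modulus size. It assumes the number-field-sieve work estimate given in NIST's FIPS 140-2 Implementation Guidance and takes 15360 for the thread's "~15k"; the function names are hypothetical.

```python
import math

# Rows as quoted in the thread: (security bits, RSA/DSA/ELG bits, ECC bits).
# 15360 stands in for the thread's "~15k" (assumed exact figure).
QUOTED_TABLE = [(80, 1024, 160), (112, 2048, 224),
                (128, 3072, 256), (256, 15360, 512)]


def rsa_strength(modulus_bits):
    """Symmetric-equivalent bits for an RSA/DSA/ELG modulus (GNFS cost estimate)."""
    n = modulus_bits * math.log(2)  # natural log of the modulus
    work = 1.923 * n ** (1 / 3) * math.log(n) ** (2 / 3) - 4.69
    return work / math.log(2)


def ecc_strength(curve_bits):
    """Generic discrete-log attacks on a curve cost about 2^(bits/2)."""
    return curve_bits / 2


def rsa_bits_for(target_bits, step=256):
    """Smallest modulus size (multiple of step) whose estimate reaches target_bits."""
    bits = step
    while rsa_strength(bits) < target_bits:
        bits += step
    return bits


def compare():
    """Return (level, rsa_bits, rsa_estimate, ecc_bits, ecc_estimate) per quoted row."""
    return [(level, rsa, round(rsa_strength(rsa), 1), ecc, ecc_strength(ecc))
            for level, rsa, ecc in QUOTED_TABLE]


if __name__ == "__main__":
    print("level  RSA bits  est.   ECC bits  est.")
    for level, rsa, rsa_est, ecc, ecc_est in compare():
        print(f"{level:>5}  {rsa:>8}  {rsa_est:>5}  {ecc:>8}  {ecc_est:>5}")
    # Doubling the key: RSA gains a few dozen bits, ECC doubles its strength.
    gain = rsa_strength(4096) - rsa_strength(2048)
    print(f"RSA 2048 -> 4096 adds about {gain:.0f} bits")
    print(f"ECC 224 -> 448 adds {ecc_strength(448) - ecc_strength(224):.0f} bits")
```

The estimates land close to the table's rounded levels rather than exactly on them, since the table lists standard security levels.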