-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/09/2013 01:28 AM, Mick wrote: > > Are you saying that 2048 RSA keys are no good anymore? >
They're probably fine, but when you're making them yourself, the extra bits are free. I would assume that the NSA can crack 1024-bit RSA[1], so why not jump to 4096 so you don't have to do this again in a few years? The performance overhead is also mostly negligible: the only thing the public key crypto is used for is to exchange a secret which is then used to do simpler (and faster) crypto. [1] http://blog.erratasec.com/2013/09/tor-is-still-dhe-1024-nsa-crackable.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) iQIcBAEBAgAGBQJSLdBEAAoJEBxJck0inpOiGg4P/1fBRpLoSsNnzjhFGro6vHOr uf5/xUR8y2M+7sBXsyS6d7uU1GfKcyWW2UnhuMabz6/bLWSmhCeGAZrAw1n1/oqp DcxvT9Z/SWM/taYCGkMcxAh3pMxCTohS7Dpq1NxjjB2J7+GgITCNfn6b1bxrAjjO cWCjrAh9ozESiP7AGM2vt2CR9mC0AsWMEoUk5zF0wd0BZq7cCSbcnxV54E784OVz TXcmhvISHz5cgC5nWTylCgy4BqLp94A7ZjtuvZntTBhAeU9MFWX1FpnrBbbnOwW4 WPCYF3mRJKKapE6IIN2jHp1l0w8oM/EFrMoGYYQkAG393TWaRgDLqGqAJBDpLDwP +fmeT/xdfn7nyQNV1IwfdeAdcHFPoKw9dcr2kWVYlx8oJQteibSaQmT9L/LLdJfk 5+XgFg2Va6xTx1YsBfRGXc/PIjrQwlJ0rZ2osjKYfE6G1747+sz0fD74rDRoLTrl j8I4QVuMeOqxdXp9hQv6TNuEHXw9vlbKRlOwT/E7sTHWerK5EXFqgUS8txl3Os+3 2iNgz7v/0AhMrH0evtzn2k88agjXY1UrqUotHuGndJxyc1ZhXZuoJAOSFcgLv/ko L1Vzl3lOdaj1nF23RMWZoqdaI4BZyBM4zDx7K+0g3e7YadQ/EkD6mof0sVNGpO4a q6PNGNy9oZaWflDAOHaN =Ni4r -----END PGP SIGNATURE-----
