On Sun, 17 Jun 2007, Andrew Berg wrote:
> Try signing/encrypting files that are tens, hundreds, or thousands of
> megabytes in size. Sure, your average machine can sign/encrypt messages
> that don't even fill a cluster without breaking a sweat, but if the
> sensitive data is large, RSA-4096 isn't a good choice unless a gov't
> agency wants that data.
=====================
regardless of the size of the message... if it's being signed/verified
then you're signing/verifying a hash. if it's being de/encrypted you're
de/encrypting a session key.
for all practical purposes the overhead of using larger keys and hashes
doesn't get worse with larger messages.
--
...atom
________________________
http://atom.smasher.org/
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------
"Your password must be at least 18770 characters and
cannot repeat any of your previous 30689 passwords.
Please type a different password. Type a password
that meets these requirements in both text boxes."
-- Microsoft takes security seriously in
Knowledge Base Article Q276304.
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
