GPG encrypted data (using RSA) can be collected today and easily decrypted after 50-100 years using a quantum computer. See: https://en.wikipedia.org/wiki/Shor%27s_algorithm
For this reason, what I do today is share long keys with people I know *in person*. We then use regular AES-256 to encrypt/decrypt our messages back and forth. Every 6 months we meet in person to renew our keys. (To be more secure, we actually create the keys in portions via in-person at different places, OTR, SMS, landline phone, mobile phone, and snail mail.) AES-256 is not vulnerable to quantum cryptography as RSA is, so we feel much safer this way. What are your thoughts on these issues? Why do you keep using GPG, knowing that your data may easily end up out in the open on Google or The Pirate Bay a few decades from now? Are there any plans for added security measures in GPG given how vulnerable it is? For instance, any plans for adding quantum safe public key crypto alternatives to RSA? _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
