On Mon, 11 Aug 2014 19:18, r...@sixdemonbag.org said:

> visibility/feedback. If the community approves, I'll be submitting
> this to Werner for inclusion into the FAQ.

Okay, to update the FAQ?

Shalom-Salam,

   Werner

=====

Q: Why does GnuPG default to 2048-bit RSA?

A: At the time the decision was made, 2048-bit RSA was thought to provide reasonable security for the next decade or more while still being compatible with the overwhelming majority of the OpenPGP ecosystem.

Q: Is that still the case?

A: Largely, yes. According to NIST Special Publication 800-57, published in July 2012, 2048-bit RSA is believed safe until 2030. At present, no reputable cryptographer or research group has cast doubt on the safety of RSA-2048. That said, many are suggesting shifting to larger keys, and GnuPG will be making such a shift in the near future.

Q: What do other groups have to say about 2048-bit RSA?

A: In 2014, the German Bundesnetzagentur fuer Elektrizitaet, Gas, Telekommunikation, Post und Eisenbahnen recommended using RSA-2048 for long-term security in electronic signatures.

In 2012, ECRYPT-II published their "Yearly Report on Algorithms and Keysizes" wherein they expressed their belief RSA-1776 will suffice until at least 2020, and RSA-2432 until 2030.

In 2010, France's Agence Nationale de la Securite des Systemes d'Information stated they had confidence in RSA-2048 until at least 2020.

Q: Is there a general recommendation that 3072-bit keys be used for new applications?

A: No, although some respected people and groups within the cryptographic community have made such recommendations. Some even recommend 4096-bit keys.

Q: Will GnuPG ever support RSA-3072 or RSA-4096 by default?

A: Probably not. The future is elliptical-curve cryptography, which will bring a level of safety comparable to RSA-16384. Every minute we spend arguing about whether we should change the defaults to RSA-3072 or more is one minute the shift to ECC is delayed. Frankly, we think ECC is a really good idea and we'd like to see it deployed as soon as humanly possible.

Q: I think I need larger key sizes.

A: By all means, feel free to generate certificates with larger keys. GnuPG supports up to 4096-bit keys.

-- 
Thoughts are free. Exceptions are regulated by a federal law.