On Thu, Apr 30, 2020 at 11:07:11PM -0400, Barry Smith via Gnupg-users wrote: > Let me continue by explaining some back up information for my > question. > - I am asking in terms of the latest standards implemented in distros and > Windows .exe auto-install packages. > - I am trying to create a group calendar file and app for a private group. > - Original concept for my project -- use an annual calendar file that has > December (year minus 1) to January (year plus 1), so 14 months of days. I > want one keypair per day for the group.
I'm not sure what kind of risk scenario you're working against, but this sounds extreme and will probably have all sorts of usability corner cases. > SO, users, help! > I need to know the absolute longest key that GnuPG can create RIGHT > NOW. It depends on the algorithm. RSA keys have the default maximum length of 8192 set at compile-time. Elliptic Curve cryptography requires much shorter keys, so maximums will be different there. In general, the length of the key is only part of the picture when we're talking about encryption "strength." Many cryptographers consider RSA keys longer than 2048 bits to be a "feel-good security theatre", because classical computers are not likely to be able to successfully break 2048-bit keys in the foreseeable future, even given state-level funding. If/once we get to the point where quantum computers are powerful enough to defeat 2048-bit RSA, then we should consider all classical public-key crypto irreversibly compromised (RSA, DSA, ECC, etc) -- longer keypair lengths will merely buy a bit of time before failing to cryptanalysis. So, if you want decent modern-day encryption, use 256-bit ECC keys and don't worry about key lengths longer than 256 (or 4096 for RSA). -K _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
