On Thu, Jun 21, 2007 at 02:16:17PM -0500, Ryan Malayter wrote:
> On 6/19/07, Henry Hertz Hobbit <[EMAIL PROTECTED]> wrote:
> > than it took me to tar it. It also takes me much less time to
> > encrypt the tarred file than it takes to do the final bzip2 of the
> > encrypted file.
>
> Huh? Why would
On 6/19/07, Henry Hertz Hobbit <[EMAIL PROTECTED]> wrote:
> than it took me to tar it. It also takes me much less time to
> encrypt the tarred file than it takes to do the final bzip2 of the
> encrypted file.
Huh? Why would you try to use bzip2 AFTER encrypting?
Strongly-encrypted data is not comp
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
In my view, gnupg already offers too much choice. There is no real
reason to have so many options. They should have given 2 to chose from -
a small and fast and a large and slow (both sort of balanced, too), say
a) DSA-1024 (SHA1) & Elgamal-1024, cipher 3DES - fingerprint SHA1
and
b) DSA-3072 (S
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
> What I was trying to do was bring a real world perspective to
> this question. Are you using PGP 8? Do you know anybody who
> is using PGP 8?
Yes and yes.
I far prefer PGP 8.1 over PGP 9.0+, and I've heard comments from many
other users who sa
Snoken wrote:
> Hi,
> Interoperability with PGP 8 matters too.
> Signatures made with RSA 4096-keys (or shorter) and SHA256 can be
> verified by users of PGP 8.
> N.B. Not any other new hashes!
> Please note the option: --pgp8
> Snoken
What I was trying to do was bring a real world perspective to
Snoken wrote:
> I checked with the source:
> http://www.rsa.com/rsalabs/node.asp?id=2004
>
> In 2003 users of RSA 1024-bit keys were advised to drop them
> before 2010. Now the situation is somewhat worse than it
> looked in 2003.
That is not what the RSA website says. The website says, more-or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
At 17:05 2007-06-16, Brian Smith wrote:
>Snoken wrote:
>> I suppose this means that 1024 bit RSA-keys are ridiculous
>> and the Open PGP Card is a joke. And what about all web sites
>> protected by SSL with a 1024-bit RSA-certificate?
>
>This see
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Interoperability with PGP 8 matters too.
Signatures made with RSA 4096-keys (or shorter) and SHA256 can be
verified by users of PGP 8.
N.B. Not any other new hashes!
Please note the option: --pgp8
Snoken
At 05:14 2007-06-20, you wrote:
>"Janusz A
"Janusz A. Urbanowicz" <[EMAIL PROTECTED]> wrote:
On Sun, Jun 17, 2007 at 01:02:58PM -0500, Andrew Berg wrote:
> >
> > Atom Smasher wrote:
>> > > gpg does support RSA-2048/SHA-256 (or even RSA-4096/SHA-512)
>> > > which is what i've been using for a while now. i'll sign
>> > > this email with RSA
On Jun 19, 2007, at 7:36 AM, Andrew Berg wrote:
> I wonder how many more people are going to tell me this, even after
> I've demonstrated that I understand the concept (I'm pretty sure I
> even signed that message!).
Just think of it as "review".
:)
_
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Joseph Oreste Bruni wrote:
> On Jun 19, 2007, at 7:36 AM, Andrew Berg wrote:
>
>> I wonder how many more people are going to tell me this, even
>> after I've demonstrated that I understand the concept (I'm pretty
>> sure I even signed that messag
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Janusz A. Urbanowicz wrote:
> On Sun, Jun 17, 2007 at 01:02:58PM -0500, Andrew Berg wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: RIPEMD160
>>
>> Atom Smasher wrote:
>>> gpg does support RSA-2048/SHA-256 (or even RSA-4096/SHA-512) which
On Sun, Jun 17, 2007 at 01:02:58PM -0500, Andrew Berg wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: RIPEMD160
>
> Atom Smasher wrote:
> > gpg does support RSA-2048/SHA-256 (or even RSA-4096/SHA-512) which
> > is what i've been using for a while now. i'll sign this email with
> > RSA-2048/
Atom Smasher un jour écrivit:
>
> On Sun, 17 Jun 2007, Remco Post wrote:
>>
>> Does gnupg support elliptic curve crypto? ;-)
> ==
>
> if you're paranoid about RSA, then there's no reason to go to ECC since
> the math behind it is still young and uncertain.
The algorithm
Andrew Berg wrote:
> Try signing/encrypting files that are tens, hundreds, or thousands of
> megabytes in size. Sure, your average machine can sign/encrypt
> messages that don't even fill a cluster without breaking a sweat, but
> if the sensitive data is large, RSA-4096 isn't a good choice unless a
Hi!
Andrew Berg schrieb:
> Try signing/encrypting files that are tens, hundreds, or thousands of
> megabytes in size. Sure, your average machine can sign/encrypt
> messages that don't even fill a cluster without breaking a sweat, but
> if the sensitive data is large, RSA-4096 isn't a good choice u
On Sun, 17 Jun 2007, David Shaw wrote:
> The defaults in GnuPG are chosen to be basically sane for the
> overwhelming majority of users. People who are recompiling GnuPG need
> to understand the implications of the change they are making and be
> aware they're throwing away that safety net.
==
On Sun, 17 Jun 2007, Andrew Berg wrote:
> Try signing/encrypting files that are tens, hundreds, or thousands of
> megabytes in size. Sure, your average machine can sign/encrypt messages
> that don't even fill a cluster without breaking a sweat, but if the
> sensitive data is large, RSA-4096 isn
On Sun, Jun 17, 2007 at 06:31:15PM -0400, John W. Moore III wrote:
> David Shaw wrote:
>
> > This year is slightly different in that I'm waiting for someone to
> > discover they can also raise the key size limit for DSA. That, at
> > least, is marginally less strange as I put in code to make the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
David Shaw wrote:
> This year is slightly different in that I'm waiting for someone to
> discover they can also raise the key size limit for DSA. That, at
> least, is marginally less strange as I put in code to make the hash
> size automatically ri
On Sun, Jun 17, 2007 at 02:24:22PM -0500, Newton Hammet wrote:
> I did this before in gnupg-1.2.1 (Check the mailing list archives)
> but it was a different change... I think, to a header file. (I don't
> have or can no longer find the detritus from that excursion) I was
> much more energetic then
On Sun, Jun 17, 2007 at 12:41:16PM -0500, Newton Hammet wrote:
> gnupg as distributed may not be generating larger than 4096 bit keys
> but it is easy enough to (or was in the past) to modify the source code
> in I think one place and change it to whatever you want.
>
> In my case I was able to su
On Sun, 17 Jun 2007 20:02, [EMAIL PROTECTED] said:
> Try signing/encrypting files that are tens, hundreds, or thousands of
> megabytes in size. Sure, your average machine can sign/encrypt
> messages that don't even fill a cluster without breaking a sweat, but
> if the sensitive data is large, RSA-
On Sun, 2007-06-17 at 12:58 -0400, David Shaw wrote:
> >> >>> Lot's of other stuff, not top-posted here.
> GnuPG supports RSA keys much larger than 4096 bits. It does not,
> however, currently allow generation of such keys, so the keys must
> come from elsewhere.
>
> > Isn't it more usefull to s
gnupg as distributed may not be generating larger than 4096 bit keys
but it is easy enough to (or was in the past) to modify the source code
in I think one place and change it to whatever you want.
In my case I was able to successfully generate a 8192-bit RSA key
and tested it with encryption, dec
Andrew Berg wrote:
> Robert Hübener wrote:
>> The work for the RSA-part of the algorithm is always the same: It
>> only has to process either the hash of the message/file or the key
>> for the symmetric cipher.
> I don't completely understand. Does this mean that
> encryption/signature time is onl
RSA keysize will influence how long it takes you to encrypt or sign a
message. But how long the RSA signing/encryption step takes is going
to be the same no matter what the message length. That's because you
are only ever signing a hash of the message or encrypting the
symmetric session key used to
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Sven Radde wrote:
> The actual "bulk" data processing is done by a symmetric algorithm
> / hash function. You only encrypt the key to the symmetric
> algorithm / sign the hash value. Both are typically 256bit or
> smaller.
>
> In fact, the larger
On Sun, Jun 17, 2007 at 01:20:17PM -0500, Andrew Berg wrote:
> Robert Hübener wrote:
> > Andrew Berg wrote:
> >> Try signing/encrypting files that are tens, hundreds, or
> >> thousands of megabytes in size. Sure, your average machine can
> >> sign/encrypt messages that don't even fill a cluster wit
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Robert Hübener wrote:
> Andrew Berg wrote:
>> Try signing/encrypting files that are tens, hundreds, or
>> thousands of megabytes in size. Sure, your average machine can
>> sign/encrypt messages that don't even fill a cluster without
>> breaking a
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Atom Smasher wrote:
> gpg does support RSA-2048/SHA-256 (or even RSA-4096/SHA-512) which
> is what i've been using for a while now. i'll sign this email with
> RSA-2048/SHA-256 (my default on this key) just to show what it
> looks like. it's a
On Sun, Jun 17, 2007 at 11:14:35AM +0200, Crest wrote:
> Am 16.06.2007 um 17:05 schrieb Brian Smith:
>
> > IF you have a life-long digital secret that you want to protect from
> > people with hundreds of millions of dollars to spend, and you
> > insist on
> > using RSA public key encryption to p
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sun, 17 Jun 2007, Remco Post wrote:
> Does gnupg support elliptic curve crypto? ;-)
==
if you're paranoid about RSA, then there's no reason to go to ECC since
the math behind it is still young and uncertain. while a 1024 bit
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Remco Post wrote:
> Does gnupg support elliptic curve crypto? ;-)
I found this link on the Wikipedia page:
http://www.calcurco.cat/eccGnuPG/index.en.html
- --
Windows NT 5.1.2600.2180 | Thunderbird 2.0.0.4 | Enigmail 0.95.1 | GPG
1.4.7
Key ID: 0
Remco Post wrote:
> Does gnupg support elliptic curve crypto? ;-)
Not yet...
Ben
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
Crest wrote:
>
> Isn't it more usefull to switch to ECC instead of using that large keys?
Does gnupg support elliptic curve crypto? ;-)
--
Met vriendelijke groeten,
Remco Post
SARA - Reken- en Netwerkdiensten http://www.sara.nl
High Performance Computing Tel. +31 20 592
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Am 16.06.2007 um 17:05 schrieb Brian Smith:
> IF you have a life-long digital secret that you want to protect from
> people with hundreds of millions of dollars to spend, and you
> insist on
> using RSA public key encryption to protect it during t
On Sat, 16 Jun 2007, Snoken wrote:
> I suppose this means that 1024 bit RSA-keys are ridiculous and the
> Open PGP Card is a joke. And what about all web sites protected by
> SSL with a 1024-bit RSA-certificate?
The only thing that is ridiculous is this flame-bait language. Feel the freedom
to p
Andrew Berg wrote:
> Anyone who's worried about an entity with the power needed to break
> their messages in time to make any use of it has probably already been
> using a longer key size for a while now.
Or, more likely for someone that paranoid, a one time pad.
Ben
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Snoken wrote:
> Hi, I just read the latest CRYPTO-GRAM, June 15, 2007, by Bruce
> Schneier. He writes:
>
> "We have a new factoring record: 307 digits (1023 bits). It's a
> special number -- 2^1039 - 1 -- but the techniques can be
> generalized
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
I'll get back to this bit in a moment. ;)
> I suppose this means that 1024 bit RSA-keys are ridiculous and the
> Open PGP Card is a joke.
Not necessarily. There's certainly a strong argument to b
Snoken wrote:
> I suppose this means that 1024 bit RSA-keys are ridiculous
> and the Open PGP Card is a joke. And what about all web sites
> protected by SSL with a 1024-bit RSA-certificate?
This seems to be more-or-less on schedule:
http://en.wikipedia.org/wiki/Key_size#Asymmetric_algorithm_key
Snoken wrote:
> Hi,
> I just read the latest CRYPTO-GRAM, June 15, 2007, by Bruce Schneier.
> He writes:
>
> "We have a new factoring record: 307 digits (1023 bits). It's a
> special number -- 2^1039 - 1 -- but the techniques can be
> generalized. Expect regular 1024-bit numbers to be factored
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
I just read the latest CRYPTO-GRAM, June 15, 2007, by Bruce Schneier.
He writes:
"We have a new factoring record: 307 digits (1023 bits). It's a
special number -- 2^1039 - 1 -- but the techniques can be
generalized. Expect regular 1024-bit numb
45 matches
Mail list logo
