gnupg keysize

Aryeh M. Friedman aryeh.friedman at gmail.com
Thu Nov 15 08:45:34 PST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Peo Nilsson wrote:
> Dear listmembers.
>
> When browsing: http://www.gnupg.org/gph/en/manual.html#INTRO
>
> It says: "The size of a DSA key must be between 512 and 1024 bits".
>  It also says: "The ElGamal key may be of any size".
>
> Who and why has defined this? In my opinion, the size of a key is a
> question for the user.

Different
encryption schemes are "known" to be secure for certain key sizes and
have not been tested and/or known to be breakable for other ones.
This combined with the fact that PGP and other encryption front ends
such as SSH and SSL need to meet certain standards for the US
government (and by extension most of the major corps around the
world) all of which require predefined key lengths means that the user
does not and should not in most cases have complete freedom to select
key sizes.

If you're concerned about security the best thing to do is get involved
with various efforts to develop 2nd/3rd generation public-key algorithms.

- --
Aryeh M. Friedman
Developer, not business, friendly
http://www.flosoft-systems.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHPHeYJ9+1V27SttsRAouVAKCUlutI1KShPWOszBX2EhHLzBvsUQCcCD/y
verURUjM/6E8gq8/Jl66Ghk=
=SdsH
-----END PGP SIGNATURE-----



More information about the freebsd-questions mailing list