Re: GPG key methods and sizes

["Kristian Erik Hermansen" <user=152@nabble.blu.org>]

 On Dec 16, 2007 6:26 AM, Jerry Feldman <[hidden email]> wrote: 
> I was about to generate a new key for myself using RSA with a 2048 bit 
> key, but I noticed that the default for GNUPG is DSA and Elgamal. 
> I was wondering since the El Gamal encryption has fairly recently been 
> added to GNU PG, would I still be better to use RSA/2048. 
> 
> Since my use is mostly digital signatures, and very little to convey 
> secure information, I would think that 2048 would be fine.  Just 
> looking for some opinions. I will be allowing my old key to expire. 

Elliptic curve functions are thought to be more secure, even at lower 
key lengths about ~10% of RSA key lengths.  Here is an article on it 
from RSA... 
http://www.rsa.com/rsalabs/node.asp?id=2013

So, a DSA key of 160 is almost equivalent to an RSA key of 1024 bits. 
Elliptic curve cryptosystems have not yet been proven to be less 
secure, but they are thought to be more secure given the current 
research.  Here is how RSA and DSA differ... 

"Another class of puzzle involves solving the equation a^b = c for b 
when a and c are known. Such equations involving real or complex 
numbers are easily solved using logarithms. However, in some large 
finite groups, finding solutions to such equations is quite difficult 
and is known as the discrete logarithm problem." 

http://en.wikipedia.org/wiki/Elliptic_curve_cryptography

Or you could wait for ECDLP :-) 
-- 
Kristian Erik Hermansen 
"I have no special talent. I am only passionately curious." 

-- 
This message has been scanned for viruses and 
dangerous content by MailScanner, and is 
believed to be clean. 

_______________________________________________ 
Discuss mailing list 
[hidden email] 
http://lists.blu.org/mailman/listinfo/discuss