A Practical Introduction to GNU Privacy Guard in Windows recommends DSA and ElGamal, but I would like to know if RSA is good enough to use these days, and if so, what minimum key size should I use? Is it ok to use SHA-256 for signing (for compatibility with e-mail clients)?
Also, beside e-ignite: Key Types, can you point to other sources for this subject?
At the prompt, specify the key size you want, or press Enter to accept the default. Your key must be at least 4096 bits. Enter the length of time the key should be valid.
For RSA keys, the minimum size for clear RSA keys and secure RSA keys on the public key data set (PKDS) is 512 bits. The minimum size for secure RSA keys on the token key data set (TKDS) is 1024 bits and the size must be a multiple of 256.
Overview. GnuPG is a hybrid-encryption software program because it uses a combination of conventional symmetric-key cryptography for speed, and public-key cryptography for ease of secure key exchange, typically by using the recipient's public key to encrypt a session key which is used only once.
PGP key sizes can range from 1024 bits to 4096 bits. The default key size is 2048 bits.
RSA/DSA minimum today is 1024 bit actually, so Elleptical Curves becoming more in use since they are faster and using shorter keys.
To have a similar security as AES256 you will need at least 3072 bit (384 bytes) key...
Email clients using certificates nowadays - so it's separate thing (X.509), but for using with RSA/DSA most common option is SHA-1 (somewhat weak now).
I recommend study of:
I know the topic is old, but at this time, DSA 1024 is considered to be too weak, as is SHA-1. You should use RSA 2048 (for signing and encryption) and SHA256 (for digest). Normally, the symmetric algorithm used is AES256, which is good enough.
When encrypting, GPG gzips the data, creates an AES256 key and encrypts the data with it. It then encrypts the AES key with the recipient RSA or ElGamal public key and sends the encrypted AES key + the encrypted data in a pack.
RSA 2048 is said to protect data until 2015 or so, and RSA 4096 would protect data until 2020, based on the predicted computer power at that time. (I'm not totally sure about the dates, but it is logical that a 4096 bit key would be harder to crack than a 2048 bit one)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With