I just use 4096 bit because that is the biggest size my OpenPGP Cards can handle. In my opinion using a smart card instead of online keys increase security far more than strange large key sizes! I also see no point using less than 4096 because modern hardware is fast enough. Maybe my keys last longer that way. Am 01.09.2013 02:43 schrieb "Robert J. Hansen" <r...@sixdemonbag.org>:
> On 08/31/2013 05:46 AM, Ole Tange wrote: > > The FAQ > http://www.gnupg.org/faq/GnuPG-FAQ.html#what-is-the-recommended-key-size > > recommends a key size of 1024 bits. > > > > Reading http://www.keylength.com/en/4/ I am puzzled why GnuPG > recommends that. > > It shouldn't; NIST recommends 2048 bits for 20 years of security. > > NIST notably makes no recommendations past 20 years, as they are deeply > skeptical of their ability to forecast out that far. I suspect your > ability is no greater than theirs is, so I'd be very careful about > declaring a 10K key to be greater than your natural lifespan. > > Per NIST, a 2048-bit key is of comparable difficulty to breaking 3DES. > Given the tremendous level of confidence people have in the long-term > suitability of 3DES, I am convinced a 2048-bit key will outlast my > ability to remember the passphrase to it. > > _______________________________________________ > Gnupg-users mailing list > Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users >
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users