Le 12.05.20 à 11:24, Johan Wevers a écrit :
On 12-05-2020 3:46, Pete Stephenson via Gnupg-users wrote:
For example, a 256 bit elliptic curve key has a similar strength to a symmetric
key of 128 bits.
Until, of course, a working quantum computer with more than a few qubits
is constructed. Then ECC is much more vulnerable than RSA or ElGamal due
to its smaler keysize (of course once a 256 bit quantum computer gets
constructed I would also worry about 8192 bit RSA being vulnerable too
in the very near future).
Hi,
In the FAQ, it is written:
Will GnuPG ever support RSA-3072 or RSA-4096 by default?
Probably not. The future is elliptical-curve cryptography, which will bring a level of safety comparable to RSA-16384. Every minute we spend arguing about whether we should change the defaults to RSA-3072 or more is one minute the shift to ECC is delayed. Frankly, we think ECC is a really good idea and we’d like to see it deployed as soon as humanly possible.
(https://www.gnupg.org/faq/gnupg-faq.html#default_rsa2048)
So, I guess the key size is not the only criteria to evaluate the
strength of a cipher and ECC still provides better results despite
shorter keys.
However, I would be interested to know which ECC cipher would you
recommend to replace RSA. I am not a cryptographer and I don't find any
information (or more honestly: information that I can understand) about
Curve 25519, NIST P-256 (and greater), Brainpool, or secp256k1.
Thanks for the feedback,
Best,
Sylvain
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
