Re: RSA 1024 ridiculous
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Am 16.06.2007 um 17:05 schrieb Brian Smith: IF you have a life-long digital secret that you want to protect from people with hundreds of millions of dollars to spend, and you insist on using RSA public key encryption to protect it during transit over the internet, then you need to use RSA 15,360 (not a typo) + AES 256 + hope. But, I think RSA 3072 + AES 128 should be good enough to get you a waterboarding ticket; even RSA 1024 + 3DES would result in spyware or a key logger on your client machine to prevent them from having to fill up the bucket. Does GnuPG support RSA keys longer than 4096 bits? I saw a modified old PGPi version doing so but ist took half a minute to sign a short message off less than one 1kb on a pentium1 based laptop... Isn't it more usefull to switch to ECC instead of using that large keys? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iQIVAwUBRnT7e/950yjRhRAFAQptHQ//Whn2WqiGe+eMHlGVU153dsET9G/Jb/fb RMG6y8k0IL+N3xMHwJ3/QbSYEhXFcR+F7Nlw7c959ooMuX9w3lRmRffiv4LcCHdb B0lOkdjCsNo5NSuO0F4jwB3jnEltFWk0Ju2NBB9dwnr/83QOjjZctBqbDwiygNr/ tyNaWw54OV1YcwGSCIeTBYEr5FZO/O3ul5g3UxDS7LBkVlT3k2AxQkXeMBscEF8G CxlQ26EWZfnf3mcUC6clGDUfwpakP7sUKIQm4iZTkk1TuTw85lVuklUzvJTz6Cu8 CxkS3zh18/PdBIeSAvURcQD5OALeIKAi4vL5CPFlPRx13jXuep+pyLeDVAMkjM8O htNZhxZ1/eI/Kcrusv/rhXqnwnw9JhjPBmUQf3u2/2Wp5wJ4V0REntzkjxNEaxk8 h9zjZbbYS46eqtpShlst5emaRfgwdsPIm7ux+2YpHqnlIELrmgrVdsuXxal5mBmg ImKLR8TgUb5gp7/fCWiii6cZsoN5Eb5CROFxvgOcdscU++HmH36VnMUXObde6fpr 2cz3viFuUPi9Fbg5zOdoCosCrEs2GYyxVb19HPEu4B/qQN/xw+0FVFawsyl6brDZ 1WdO3DX/a0+vqBhBrrKqdkXSZPi5WxoJjsJIyXI724W7gsaAoCH33NwtdO6ahtRO HOQovbEoWjw= =zKtG -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous
Crest wrote: Isn't it more usefull to switch to ECC instead of using that large keys? Does gnupg support elliptic curve crypto? ;-) -- Met vriendelijke groeten, Remco Post SARA - Reken- en Netwerkdiensten http://www.sara.nl High Performance Computing Tel. +31 20 592 3000Fax. +31 20 668 3167 PGP Key fingerprint = 6367 DFE9 5CBC 0737 7D16 B3F6 048A 02BF DC93 94EC I really didn't foresee the Internet. But then, neither did the computer industry. Not that that tells us very much of course - the computer industry didn't even foresee that the century was going to end. -- Douglas Adams ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous
Remco Post wrote: Does gnupg support elliptic curve crypto? ;-) Not yet... Ben ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sun, 17 Jun 2007, Remco Post wrote: Does gnupg support elliptic curve crypto? ;-) == if you're paranoid about RSA, then there's no reason to go to ECC since the math behind it is still young and uncertain. while a 1024 bit RSA key ~may~ not be secure for a long time, it's old age is due only to computing horsepower, not a break in the math behind it. as such, a larger RSA key buys time... and only time will tell if it buys enough time for a particular need. gpg does support RSA-2048/SHA-256 (or even RSA-4096/SHA-512) which is what i've been using for a while now. i'll sign this email with RSA-2048/SHA-256 (my default on this key) just to show what it looks like. it's a big signature block, but not ridiculous and on a reasonably powerful computer it's hardly a noticeable delay to work with such keys. - -- ...atom http://atom.smasher.org/ 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 - Next time you hear a scientist asserting that gene splicing is safe, remind yourself that there is no scientific evidence for that statement. -- Donella H. Meadows, adjunct professor of environmental studies, Dartmouth College -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iQEcBAEBCAAGBQJGdVfDAAoJEAx/d+cTpVcihScIAKERMem7anBsU6GGBTlSDFhy 06QSnLycBLsAPoSWG/MMQgZ58ReOk7u3XRer0xzVa6ogBn6wSvvJ68/Vwz26Zzxl cAhlZn2NSAAvXrXu6Zbne+zLX/sv7FWuGfS+nyd+BBLWXU9UDlLYpxlTigNwsCLU 2+EjGO+O4XtY/GVEAWSWxk0jCfLOXAQ0EJoky6WN2r3tpEQm/LjYqeFlOhmQ9YaP nZwCx0So21L/GBa7B0W6vIiMuLnIww4E5L/gScUFuBQDYeLd3qh7ZvnsGFuJkBfh /0C4gACMBRIFLfNesZ1mSpcmBukGqz1R/6AjTmgfEAOI2QgfMxLhUbKXp0gukG0= =CkyM -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous
On Sun, Jun 17, 2007 at 11:14:35AM +0200, Crest wrote: Am 16.06.2007 um 17:05 schrieb Brian Smith: IF you have a life-long digital secret that you want to protect from people with hundreds of millions of dollars to spend, and you insist on using RSA public key encryption to protect it during transit over the internet, then you need to use RSA 15,360 (not a typo) + AES 256 + hope. But, I think RSA 3072 + AES 128 should be good enough to get you a waterboarding ticket; even RSA 1024 + 3DES would result in spyware or a key logger on your client machine to prevent them from having to fill up the bucket. Does GnuPG support RSA keys longer than 4096 bits? I saw a modified old PGPi version doing so but ist took half a minute to sign a short message off less than one 1kb on a pentium1 based laptop... GnuPG supports RSA keys much larger than 4096 bits. It does not, however, currently allow generation of such keys, so the keys must come from elsewhere. Isn't it more usefull to switch to ECC instead of using that large keys? For many cases, yes. However, ECC is not yet defined for OpenPGP. Until that happens, there won't be official support for it in GnuPG. Note, though, there is a ECC version of GnuPG out there if you want to try it. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Atom Smasher wrote: gpg does support RSA-2048/SHA-256 (or even RSA-4096/SHA-512) which is what i've been using for a while now. i'll sign this email with RSA-2048/SHA-256 (my default on this key) just to show what it looks like. it's a big signature block, but not ridiculous and on a reasonably powerful computer it's hardly a noticeable delay to work with such keys. Try signing/encrypting files that are tens, hundreds, or thousands of megabytes in size. Sure, your average machine can sign/encrypt messages that don't even fill a cluster without breaking a sweat, but if the sensitive data is large, RSA-4096 isn't a good choice unless a gov't agency wants that data. - -- Windows NT 5.1.2600.2180 | Thunderbird 2.0.0.4 | Enigmail 0.95.1 | GPG 1.4.7 Key ID: 0x60A78FCB - available on major keyservers and upon request Fingerprint: 4A84 CAE2 A0D3 2AEB 71F6 07FD F88E 0340 60A7 8FCB -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEVAwUBRnV3UviOA0Bgp4/LAQN7hgf/buVG0w8ddbzysqDJT/AA5tfFnmEbotzS y+26YnXoGn1TgghyCL1h2GC4UXirFGWj50Ql5TuuJBR2xvt8/StRe1ZVYOKaHTs4 pytDLMyi4/K93uNdavnIt5NijYFmrJhFLTSm6/d3l+eEZl/d4jkovJc/YqjvsFOf 73lHUDbBDzvACjPi7maU4StCNgbybQ114Tm9mgtDwIzqtSkDODkV4kUtmVVFypnf Tu4haS8KOOepsYTIGSxxhrTJOgI7E/iLDq/9dMUFYaH8XKpb2pJnHTUkExGYZdKm mbopiCM8xKOalPrNaiCnkH0HbqOyNjdX8VwWe4CoGoj82UeJ99aCqQ== =nEp3 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Robert Hübener wrote: Andrew Berg wrote: Try signing/encrypting files that are tens, hundreds, or thousands of megabytes in size. Sure, your average machine can sign/encrypt messages that don't even fill a cluster without breaking a sweat, but if the sensitive data is large, RSA-4096 isn't a good choice unless a gov't agency wants that data. The work for the RSA-part of the algorithm is always the same: It only has to process either the hash of the message/file or the key for the symmetric cipher. I don't completely understand. Does this mean that encryption/signature time is only dependent on the hash, and that RSA key size doesn't matter in this regard? - -- Windows NT 5.1.2600.2180 | Thunderbird 2.0.0.4 | Enigmail 0.95.1 | GPG 1.4.7 Key ID: 0x60A78FCB - available on major keyservers and upon request Fingerprint: 4A84 CAE2 A0D3 2AEB 71F6 07FD F88E 0340 60A7 8FCB -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEVAwUBRnV7YfiOA0Bgp4/LAQOH2gf+POMCNDoSeQeGYuct0RTMPCaV2ByvB0wB 2uXCpGPqlA71pgd+wQ+UC/yEE0f+8v3j3lv7PBfM4e3q3HJhcsAAZJe6lcCYGX1Z duF9yRfZdrn2TcCIL6URdMds788HWUyGurazzun+kJzUfEkd3hE0BPWyvzyBKV82 7c+ti7v2cPAVhcRx2ZDQ50ttVpbWNuIFzRWevS94ns6YQ/HOk9YW2ZB/wowEtOXk nxivQqWgCEO0meRjPiw4uhS2TNdP5tnKrr0Yh6kXOf2t27L6PNU2JN8tRIA9DByH muy6q5ZQcoF0P0uN/tvE2hZfD4tkXu6cvkZW/G60GEuWYSpdL51uAA== =u+hz -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: New version of mac-gpg2
Benjamin Donnachie wrote: As previous mac-gpg2 releases, this release is intended for power users only. Universal binary, MacOSX Tiger 10.4.9 and above. Ben ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous
On Sun, Jun 17, 2007 at 01:20:17PM -0500, Andrew Berg wrote: Robert Hübener wrote: Andrew Berg wrote: Try signing/encrypting files that are tens, hundreds, or thousands of megabytes in size. Sure, your average machine can sign/encrypt messages that don't even fill a cluster without breaking a sweat, but if the sensitive data is large, RSA-4096 isn't a good choice unless a gov't agency wants that data. The work for the RSA-part of the algorithm is always the same: It only has to process either the hash of the message/file or the key for the symmetric cipher. I don't completely understand. Does this mean that encryption/signature time is only dependent on the hash, and that RSA key size doesn't matter in this regard? Not exactly. There are two main costs when signing a file: the cost to hash the file, which is dependent on the size of the file and the chosen hash algorithm. The other cost is the signing algorithm. Since the data signed in a signature is the hash output, and since hashes are generally tiny relative to the size of the file, this is really the cost of the signing algorithm itself (the biggest hash algorithm supported by GnuPG is SHA-512, and that's only 64 bytes long). David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Sven Radde wrote: The actual bulk data processing is done by a symmetric algorithm / hash function. You only encrypt the key to the symmetric algorithm / sign the hash value. Both are typically 256bit or smaller. In fact, the larger the data you want to process, the *smaller* the impact of a larger key is. (If it takes minutes to hash a few gigabytes, it doesn't matter if signing the hash takes 10, 100 or 1000 milliseconds.) I think I understand after doing a little research as suggested. Only the hash is signed, and only the key (for the symmetric encryption) is encrypted with the public key, and the message itself is encrypted symmetrically. The recipient unlocks the symmetric key with the private key that corresponds to the public key with which it was encrypted and can then decrypt the message. Large file sizes aren't an issue because the files (or messages) are encrypted symmetrically, which is much more efficient than encrypting them directly asymmetrically. Right? - -- Windows NT 5.1.2600.2180 | Thunderbird 2.0.0.4 | Enigmail 0.95.1 | GPG 1.4.7 Key ID: 0x60A78FCB - available on major keyservers and upon request Fingerprint: 4A84 CAE2 A0D3 2AEB 71F6 07FD F88E 0340 60A7 8FCB -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEVAwUBRnWFGviOA0Bgp4/LAQME+Qf/S8YTteXkIWKFfzZr7d3ERRSiqOz7BEJX JEKv12pve0U4WIPQW11g7nTomKVDOgk8ALMTaAkXA5x1u9KJ7KNV5y9ewMtxXPxz a1jTWUzZgrJdReWM7t7FtOaLojPwdZbOoTtlcM+skektsCMs/XdStCO4xVTzKJwI 3G2sDpMX/pVNSpKSbfs842h4Px51DkQxK4M0Hg0lzO9nxC9+mAIUfHEU0PIeFR/s ttsRA+autGY+HJOpDKwRWyDXkcOkjVZY4Dc7Jdl1OycYNbsXloyxJykBE2y1s24Z RytmUc1Qbzk/d9D6Z9sE0h3zeU5pooyR8ic7INyvcpT+4l/U5EZe4A== =RLRi -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous
RSA keysize will influence how long it takes you to encrypt or sign a message. But how long the RSA signing/encryption step takes is going to be the same no matter what the message length. That's because you are only ever signing a hash of the message or encrypting the symmetric session key used to encrypt the message. I doubt I could notice the difference on my computer between encrypting at 20GB tarball with a 1024bit key or a 4096bit key. With large amounts of data most of the time is spent on the symmetric encryption (or perhaps on compression or disk io?). The bigger the amount of data you're encrypting the less you're going to notice RSA keysize differences :). On 6/18/07, Andrew Berg [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 Robert Hübener wrote: Andrew Berg wrote: Try signing/encrypting files that are tens, hundreds, or thousands of megabytes in size. Sure, your average machine can sign/encrypt messages that don't even fill a cluster without breaking a sweat, but if the sensitive data is large, RSA-4096 isn't a good choice unless a gov't agency wants that data. The work for the RSA-part of the algorithm is always the same: It only has to process either the hash of the message/file or the key for the symmetric cipher. I don't completely understand. Does this mean that encryption/signature time is only dependent on the hash, and that RSA key size doesn't matter in this regard? - -- Windows NT 5.1.2600.2180 | Thunderbird 2.0.0.4 | Enigmail 0.95.1 | GPG 1.4.7 Key ID: 0x60A78FCB - available on major keyservers and upon request Fingerprint: 4A84 CAE2 A0D3 2AEB 71F6 07FD F88E 0340 60A7 8FCB -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEVAwUBRnV7YfiOA0Bgp4/LAQOH2gf+POMCNDoSeQeGYuct0RTMPCaV2ByvB0wB 2uXCpGPqlA71pgd+wQ+UC/yEE0f+8v3j3lv7PBfM4e3q3HJhcsAAZJe6lcCYGX1Z duF9yRfZdrn2TcCIL6URdMds788HWUyGurazzun+kJzUfEkd3hE0BPWyvzyBKV82 7c+ti7v2cPAVhcRx2ZDQ50ttVpbWNuIFzRWevS94ns6YQ/HOk9YW2ZB/wowEtOXk nxivQqWgCEO0meRjPiw4uhS2TNdP5tnKrr0Yh6kXOf2t27L6PNU2JN8tRIA9DByH muy6q5ZQcoF0P0uN/tvE2hZfD4tkXu6cvkZW/G60GEuWYSpdL51uAA== =u+hz -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Which key is used when more than one are valid?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 My gnupg file that I get with edit-keys myuid contains, among other things: sub 2048g/48FF0850 created: 2007-02-24 expires: 2008-02-24 sub 4096g/124E0663 created: 2007-06-17 expires: 2009-06-16 How do I know which key is used when sending e-mail? Or is this a Thunderbird question? - -- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key: 9A2FC99A Registered Machine 241939. /( )\ Shrewsbury, New Jerseyhttp://counter.li.org ^^-^^ 14:45:01 up 5 days, 19:45, 5 users, load average: 4.13, 4.21, 4.30 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGdYIwPtu2XpovyZoRArhqAKDPQET44cuCxGO1oFYZsUsLJh8fiwCgmetE 6W6u+B98xcLDDy+msrqrsv8= =IuPV -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous /8192 is sublime
gnupg as distributed may not be generating larger than 4096 bit keys but it is easy enough to (or was in the past) to modify the source code in I think one place and change it to whatever you want. In my case I was able to successfully generate a 8192-bit RSA key and tested it with encryption, decryption, signing, etc. and it worked. My Hard drive, like my closet and garage, however is resisting my attempts to figure out where I put this particular piece of enterprise. (I think it was back in 2003 +/-). I will keep looking for it. -Newgon On Sun, 2007-06-17 at 12:58 -0400, David Shaw wrote: On Sun, Jun 17, 2007 at 11:14:35AM +0200, Crest wrote: Am 16.06.2007 um 17:05 schrieb Brian Smith: IF you have a life-long digital secret that you want to protect from people with hundreds of millions of dollars to spend, and you insist on using RSA public key encryption to protect it during transit over the internet, then you need to use RSA 15,360 (not a typo) + AES 256 + hope. But, I think RSA 3072 + AES 128 should be good enough to get you a waterboarding ticket; even RSA 1024 + 3DES would result in spyware or a key logger on your client machine to prevent them from having to fill up the bucket. Does GnuPG support RSA keys longer than 4096 bits? I saw a modified old PGPi version doing so but ist took half a minute to sign a short message off less than one 1kb on a pentium1 based laptop... GnuPG supports RSA keys much larger than 4096 bits. It does not, however, currently allow generation of such keys, so the keys must come from elsewhere. Isn't it more usefull to switch to ECC instead of using that large keys? For many cases, yes. However, ECC is not yet defined for OpenPGP. Until that happens, there won't be official support for it in GnuPG. Note, though, there is a ECC version of GnuPG out there if you want to try it. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- Public Key: 4096R/136FC036 2004-02-09 Newton Hammet [EMAIL PROTECTED] Key fingerprint = 785F DFF3 7029 3FBD 45CE 747C 93CA E808 136F C036 Key servers: pgp.mit.edu, others... ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous / RSA 8192 sublime, and, possible with gnupg.
On Sun, 2007-06-17 at 12:58 -0400, David Shaw wrote: Lot's of other stuff, not top-posted here. GnuPG supports RSA keys much larger than 4096 bits. It does not, however, currently allow generation of such keys, so the keys must come from elsewhere. Isn't it more usefull to switch to ECC instead of using that large keys? For many cases, yes. However, ECC is not yet defined for OpenPGP. Until that happens, there won't be official support for it in GnuPG. Note, though, there is a ECC version of GnuPG out there if you want to try it. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users To coax bigger RSA keys out of gnupg-1.4.7 you have to download and recompile the source, but with one change in the following file: gnupg-1.4.7/g10/keygen.c Here is diff -r output, 2 source trees, one source tree containing the single difference: [EMAIL PROTECTED]:~/gpg_test_8192 diff -r * 21|grep -v 'Only in' diff -r gnupg-1.4.7/g10/keygen.c gnupg_1.4.7x/g10/keygen.c 1528a1529 max=8192; In more detail it's the following case stanza: case PUBKEY_ALGO_RSA: min=1024; max=8192; /* Line of code to allow 8192 key generation.*/ break; It is the case stanza in the first switch statement in the function: ask_keysize(int algo) in the file g10/keygen.c I can successfully generate an 8192-key (in under 10 minutes). If I get around 2it, I will test this key for signing, maybe generate a 8192-bit RSA sub-key and test that, too. I did this before in gnupg-1.2.1 (Check the mailing list archives) but it was a different change... I think, to a header file. (I don't have or can no longer find the detritus from that excursion) I was much more energetic then testing, signing, encrypting, and decrypting with a 8192-bit RSA key. The real rub will be to see if it behaves well with unaltered (for 8192 key generation) gnupg-1.4.7) for encrypting, signing, decrypting, etc., but I suspect it will be copacetic with unaltered official gnupg-1.4.7. (Werner Koch and the gang are pretty thorough with this code, it is high quality stuff) Regards, Newton -- Public Key: 4096R/136FC036 2004-02-09 Newton Hammet [EMAIL PROTECTED] Key fingerprint = 785F DFF3 7029 3FBD 45CE 747C 93CA E808 136F C036 Key servers: pgp.mit.edu, others... ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous
On Sun, 17 Jun 2007 20:02, [EMAIL PROTECTED] said: Try signing/encrypting files that are tens, hundreds, or thousands of megabytes in size. Sure, your average machine can sign/encrypt messages that don't even fill a cluster without breaking a sweat, but if the sensitive data is large, RSA-4096 isn't a good choice unless a gov't agency wants that data. Although I agree that 4096 bit RSA is far too paranoid, the size of a file to encrypt is independent of the public key size. The bulk of the file is encrypted using a symmetric cipher, i.e AES 128 or 256. SHA-256 is not used at all for encryption - only SHA-1 for a special kind of checksum (a MIC). Shalom-Salam, Werner ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous /8192 is sublime
On Sun, Jun 17, 2007 at 12:41:16PM -0500, Newton Hammet wrote: gnupg as distributed may not be generating larger than 4096 bit keys but it is easy enough to (or was in the past) to modify the source code in I think one place and change it to whatever you want. In my case I was able to successfully generate a 8192-bit RSA key and tested it with encryption, decryption, signing, etc. and it worked. My Hard drive, like my closet and garage, however is resisting my attempts to figure out where I put this particular piece of enterprise. (I think it was back in 2003 +/-). I will keep looking for it. It's in keygen.c:ask_keysize. It's trivial to change, but be aware that we've set it to 4096 for a reason (several reasons). Of course, I firmly believe in the right of everyone to shoot themselves in the foot if they insist on it. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous / RSA 8192 sublime, and, possible with gnupg.
On Sun, Jun 17, 2007 at 02:24:22PM -0500, Newton Hammet wrote: I did this before in gnupg-1.2.1 (Check the mailing list archives) but it was a different change... I think, to a header file. (I don't have or can no longer find the detritus from that excursion) I was much more energetic then testing, signing, encrypting, and decrypting with a 8192-bit RSA key. The real rub will be to see if it behaves well with unaltered (for 8192 key generation) gnupg-1.4.7) for encrypting, signing, decrypting, etc., but I suspect it will be copacetic with unaltered official gnupg-1.4.7. (Werner Koch and the gang are pretty thorough with this code, it is high quality stuff) There is no magic stop working if the key is 4096 bits in the RSA code. The math doesn't work that way, anyway. The limit in GnuPG is artificial, but carefully considered to balance multiple factors like performance, and perhaps most crucially, interoperability with other OpenPGP implementations. Every year someone (re)patches GnuPG to raise the key size limit for RSA. This is followed by a flurry of messages until people see just how inconvenient a giant RSA signature is and then move on. This year is slightly different in that I'm waiting for someone to discover they can also raise the key size limit for DSA. That, at least, is marginally less strange as I put in code to make the hash size automatically rise as the key size rises. Using SHA-1 with a 8192-bit RSA key is... odd. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous / RSA 8192 sublime, and, possible with gnupg.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 David Shaw wrote: This year is slightly different in that I'm waiting for someone to discover they can also raise the key size limit for DSA. That, at least, is marginally less strange as I put in code to make the hash size automatically rise as the key size rises. Using SHA-1 with a 8192-bit RSA key is... odd. Wait No longer. However, as You point out; Why use a large Key with the available Hash selections. Even considering DSA2, Everyone I know has already begun migration away from DSA to RSA. Personally, I feel Compiling GnuPG with the ability to generate an 8192 Key, while amusing, is akin to selling someone a .22cal hollowpoint weapon instead of a .45ACP for Personal Defense because it 'kicks' less. JOHN ;) Timestamp: Sunday 17 Jun 2007, 18:30 --400 (Eastern Daylight Time) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8-svn4511: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: http://www.gswot.org Comment: My Homepage: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJGdbYxAAoJEBCGy9eAtCsPqhYH/2G07aLHAH7uRUiianl9c/VD rbIoFoAHr1BbnSfH0tzuGippnhZZyOVWqKIMJruTXrebT3jKc+J6FKUbPFMVUbMP cSr8m7R/+tYBBrN/YIIEPEP7hLgOh92/0P2wR6O4iSu1xTAzJUsgnJc5cpf51/w7 eFOfrOquu6hFkvLbQJtCugZ1Idr/Zuw/PRHl1MkncSXOzBIBQ/tiOnLfIZ0Ym4SN dxu3prb9D6cbII7Jd7qJvLHVp+rerdTapzsE8PIh2bTBKogqaOokoBzwrZYzjd0h gPZXEEZ/+446ST2KxA8kOGC7fnhYYu+G4O2rIBGedAL/IlVDm1jU9lLZdLHHrFA= =usf1 -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Which key is used when more than one are valid?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 David Shaw wrote: On Sun, Jun 17, 2007 at 02:49:21PM -0400, Jean-David Beyer wrote: My gnupg file that I get with edit-keys myuid contains, among other things: sub 2048g/48FF0850 created: 2007-02-24 expires: 2008-02-24 sub 4096g/124E0663 created: 2007-06-17 expires: 2009-06-16 How do I know which key is used when sending e-mail? Or is this a Thunderbird question? GnuPG picks the subkey for you unless explicitly told which one to use. In the above case, it would pick the second key, as it is more recent. However, 'Account Settings' within Thunderbird does allow You to select which Key to use _if_ Enigmail is also Installed. JOHN ;) Timestamp: Sunday 17 Jun 2007, 18:24 --400 (Eastern Daylight Time) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8-svn4511: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust: http://www.gswot.org Comment: My Homepage: http://tinyurl.com/yzhbhx iQEcBAEBCgAGBQJGdbSOAAoJEBCGy9eAtCsPkqgH/2IwEzCq7AQ4Fea7QSzkO7d9 G9jFJ02bfdkGAkIeHT0SHGfHmsvwaNlCKq0b1GkeAYPr1EsFw181f17+cCswO3mg MhjibdKtJN7qcR/gbfDq/j0EhW6t+XYMPIGY/O3vJ7KZNU/EjoKAQXHcQBHXqH2Z fSGje8Wqqgapc+FvdhKWQm+d6LmsmgBm1jSfLDN8GDZH5qU+ZpXTmODEfOfSx/dP FsmYd51J6wZQMySMAxJ29Wq7wJoTaDJ64IudEBVhf2DFCfvnM6O78CMzoFWRhtIF OrHglneP9WvTcNWWCn/nJWoACHxmf4YbBg33gph512e8WinklOp/hfGdwWG3YQ0= =TQql -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Which key is used when more than one are valid?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 John W. Moore III wrote: David Shaw wrote: On Sun, Jun 17, 2007 at 02:49:21PM -0400, Jean-David Beyer wrote: My gnupg file that I get with edit-keys myuid contains, among other things: sub 2048g/48FF0850 created: 2007-02-24 expires: 2008-02-24 sub 4096g/124E0663 created: 2007-06-17 expires: 2009-06-16 How do I know which key is used when sending e-mail? Or is this a Thunderbird question? GnuPG picks the subkey for you unless explicitly told which one to use. In the above case, it would pick the second key, as it is more recent. However, 'Account Settings' within Thunderbird does allow You to select which Key to use _if_ Enigmail is also Installed. JOHN ;) Timestamp: Sunday 17 Jun 2007, 18:24 --400 (Eastern Daylight Time) It allows me to pick the key, but not the sub-key, unless I am missing something. - -- .~. Jean-David Beyer Registered Linux User 85642. /V\ PGP-Key: 9A2FC99A Registered Machine 241939. /( )\ Shrewsbury, New Jerseyhttp://counter.li.org ^^-^^ 20:25:01 up 6 days, 1:25, 3 users, load average: 4.51, 4.29, 4.11 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGddE7Ptu2XpovyZoRAhwLAJsHutIe1FSKiuSfS6AovqvTv897JgCeMFgp ra/GHa7ZEWiq3VQ0k6iUlOU= =zFXY -END PGP SIGNATURE- ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
new (2007-06-10) keyanalyze results (+sigcheck)
New keyanalyze results are available at: http://keyserver.kjsl.com/~jharris/ka/2007-06-10/ Signatures are now being checked using keyanalyze+sigcheck: http://dtype.org/~aaronl/ Earlier reports are also available, for comparison: http://keyserver.kjsl.com/~jharris/ka/ Even earlier monthly reports are at: http://dtype.org/keyanalyze/ SHA-1 hashes and sizes for all the permanent files: 2c78886524d01203b8a805e6e72224f84d10cb6814902056preprocess.keys 799cf84b30198c0f84128f47a68e13d0154bedbe8640906 othersets.txt fa83f9a4e2b4563cdac52a531db8f5428fe3ccd43560718 msd-sorted.txt baaeed0c20caa1a4a3560b18bc67065532e47d512276keyring_stats fd7ca4bac414586aae346eaff3cfeb1721bbb02d1401542 msd-sorted.txt.bz2 ac997bfae18a6f202f675fd23165e68af751df7b26 other.txt 0ab8465957042f48f28a266ec595b076ca7f4ebf1878107 othersets.txt.bz2 2c9378b0d8c1ca93b3e00615670b1709f8f477f76070207 preprocess.keys.bz2 4b48f13770f4e53fe2b636299f9e7b432d9f48bc15373 status.txt 3aebe1595990611a814ddc67e2908b7ab5db2997194403 top1000table.html be74cdef4e48f9d494ca72f1eaf1f2ece827f44329602 top1000table.html.gz ad7643888b57086d0c88be4d39cc133bc9b05dac9714top50table.html 022e831a11ef152e44e483a65638b1b712f0eea82529D3/D39DA0E3 -- Jason Harris | NIC: JH329, PGP: This _is_ PGP-signed, isn't it? [EMAIL PROTECTED] _|_ web: http://keyserver.kjsl.com/~jharris/ Got photons? (TM), (C) 2004 pgpJ8HNBROlVv.pgp Description: PGP signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous / RSA 8192 sublime, and, possible with gnupg.
On Sun, Jun 17, 2007 at 06:31:15PM -0400, John W. Moore III wrote: David Shaw wrote: This year is slightly different in that I'm waiting for someone to discover they can also raise the key size limit for DSA. That, at least, is marginally less strange as I put in code to make the hash size automatically rise as the key size rises. Using SHA-1 with a 8192-bit RSA key is... odd. Wait No longer. However, as You point out; Why use a large Key with the available Hash selections. Even considering DSA2, Everyone I know has already begun migration away from DSA to RSA. Personally, I feel Compiling GnuPG with the ability to generate an 8192 Key, while amusing, is akin to selling someone a .22cal hollowpoint weapon instead of a .45ACP for Personal Defense because it 'kicks' less. I have no idea what this means... which makes it an excellent analogy for the key size question. It takes some understanding of the issues to know why a particular key size matches up with a particular hash size, is used with particular software, for particular usage, etc. I don't understand the issues in your example (beyond saying they're two different bullets), so if I needed to choose between them, I'd have to do some learning first to even understand the question, much less reach the right answer for me. The defaults in GnuPG are chosen to be basically sane for the overwhelming majority of users. People who are recompiling GnuPG need to understand the implications of the change they are making and be aware they're throwing away that safety net. David ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Which key is used when more than one are valid?
Jean-David Beyer wrote: John W. Moore III wrote: David Shaw wrote: On Sun, Jun 17, 2007 at 02:49:21PM -0400, Jean-David Beyer wrote: My gnupg file that I get with edit-keys myuid contains, among other things: sub 2048g/48FF0850 created: 2007-02-24 expires: 2008-02-24 sub 4096g/124E0663 created: 2007-06-17 expires: 2009-06-16 How do I know which key is used when sending e-mail? Or is this a Thunderbird question? GnuPG picks the subkey for you unless explicitly told which one to use. In the above case, it would pick the second key, as it is more recent. However, 'Account Settings' within Thunderbird does allow You to select which Key to use _if_ Enigmail is also Installed. It allows me to pick the key, but not the sub-key, unless I am missing something. Subkeys may be explicitly specified by appending an exclamation mark (!) suffix; eg, 0x124E0663! This flag tells GnuPG to use the specified primary or secondary key and not to try and calculate which primary or secondary key to use. -- John P. Clizbe Inet: John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A what's the key to success?/ two words: good decisions. what's the key to good decisions? / one word: experience. how do i get experience? / two words: bad decisions. Just how do the residents of Haiku, Hawai'i hold conversations? signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: RSA 1024 ridiculous / RSA 8192 sublime, and, possible with gnupg.
On Sun, 17 Jun 2007, David Shaw wrote: The defaults in GnuPG are chosen to be basically sane for the overwhelming majority of users. People who are recompiling GnuPG need to understand the implications of the change they are making and be aware they're throwing away that safety net. == maybe the above text, or something like it, should be included in the code as a comment just above the lines that get changed to increase the key size... /* edit the line below to shoot yourself in the foot */ -- ...atom http://atom.smasher.org/ 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 - None are more hopelessly enslaved than those who falsely believe they are free. -- Johann Wolfgang Von Goethe ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users