reduce RSA key size
authorPascal K <ryru@addere.ch>
Wed, 13 Dec 2017 09:07:46 +0000 (10:07 +0100)
committerPascal K <ryru@addere.ch>
Wed, 13 Dec 2017 09:49:00 +0000 (10:49 +0100)
src/configuration/GPG/GnuPG/new-key-generation.txt
src/configuration/GPG/GnuPG/params.txt
src/practical_settings/GPG.tex

index 0c2dcb3..ac150f8 100644 (file)
@@ -1 +1 @@
-gpg --enable-large-rsa --batch --full-gen-key $HOME/Desktop/params.txt`
+gpg --batch --full-gen-key $HOME/Desktop/params.txt`
index 3b6eea2..e440713 100644 (file)
@@ -1,7 +1,7 @@
 Key-Type: RSA
 Key-Type: RSA
-Key-Length: 8192  
+Key-Length: 4096 
 Subkey-Type: RSA
 Subkey-Type: RSA
-Subkey-Length: 8192
+Subkey-Length: 4096
 Name-Real: <your-name>
 Name-Email: <your-email-address>
 Passphrase: <password>
 Name-Real: <your-name>
 Name-Email: <your-email-address>
 Passphrase: <password>
index e96df22..b4eb792 100644 (file)
@@ -28,7 +28,7 @@ Avoid SHA-1 by preferring better hashing methods. GnuPG. Edit \$HOME/.gnupg/gpg.
 \gdef\currentsectionname{GPG}
 \gdef\currentsubsectionname{GnuPG}
 Because of lack of forward secrecy \ref{subsection:PFS} in OpenPGP it is preferable to use large asymmetric keys for long term
 \gdef\currentsectionname{GPG}
 \gdef\currentsubsectionname{GnuPG}
 Because of lack of forward secrecy \ref{subsection:PFS} in OpenPGP it is preferable to use large asymmetric keys for long term
-communication protection. A RSA key of 8192 bits should provide enough confidentiality for the next 15+ years\footnote{\url{https://www.keylength.com}}.
+communication protection. A RSA key of 4096 bits should provide enough confidentiality for the next 10 years\footnote{\url{https://www.keylength.com}}.
 
 \configfile{new-key-generation.txt}{}{New key generation with GnuPG version 2.1}
 
 
 \configfile{new-key-generation.txt}{}{New key generation with GnuPG version 2.1}