add key generation subsection to openpgp section
authorPascal K <ryru@addere.ch>
Sun, 11 Jun 2017 13:02:23 +0000 (15:02 +0200)
committerPascal K <ryru@addere.ch>
Sun, 11 Jun 2017 13:02:23 +0000 (15:02 +0200)
src/configuration/GPG/GnuPG/new-key-generation.txt [new file with mode: 0644]
src/configuration/GPG/GnuPG/params.txt [new file with mode: 0644]
src/practical_settings/GPG.tex

diff --git a/src/configuration/GPG/GnuPG/new-key-generation.txt b/src/configuration/GPG/GnuPG/new-key-generation.txt
new file mode 100644 (file)
index 0000000..0c2dcb3
--- /dev/null
@@ -0,0 +1 @@
+gpg --enable-large-rsa --batch --full-gen-key $HOME/Desktop/params.txt`
diff --git a/src/configuration/GPG/GnuPG/params.txt b/src/configuration/GPG/GnuPG/params.txt
new file mode 100644 (file)
index 0000000..16dc5fe
--- /dev/null
@@ -0,0 +1,9 @@
+Key-Type: RSA
+Key-Length: 8192  
+Subkey-Type: RSA
+Subkey-Length: 8192
+Name-Real: <your-name>
+Name-Email: <your-email-address>
+Passphrase: <password>
+Preferences: S9 S13 S8 S12 S7 S11 S10 H10 H9 H8 Z3 Z2 Z1 
+%commit
index b1f7ed8..31c8267 100644 (file)
@@ -29,6 +29,13 @@ Avoid SHA-1 by prefering better hashing methodes. GnuPG. Edit \$HOME/.gnupg/gpg.
 
 Before you generate a new OpenPGP key, make sure there is enough entropy available (see subsection \ref{subsec:RNG-linux}).
 
+\subsection{Key Generation}
+Because of lack of forward secrecy\ac{PFS} in OpenPGP it is preferable to use large asymmetric keys for long term communication protection. A RSA key of 8192 bits should provide enough confidentiallity for the next 15+ years\ref{\url{https://www.keylength.com/}}.
+
+\configfile{new-key-generation.txt}{New key generation with GnuPG version 2.1}
+
+\configfile{params.txt}{Paramters for key generation with GnuPG version 2.1}
+
 \subsection{ECC - Ellyptic Curve Cryptography}
 Since the realease of GnuPG version 2.1 end-2014\footnote{\url{https://www.gnupg.org/faq/whats-new-in-2.1.html#ecc}} ECC is supported. Older versions though are still widely used therefore ECC is not yet applicable in practice.