| 1 |
>>>>> "RHJ" == Robin H Johnson <robbat2@g.o> writes: |
| 2 |
|
| 3 |
RHJ> 2. Root key type of RSA, 4096 bits |
| 4 |
|
| 5 |
rsa 4k provides no real benefits over rsa 3k here; it is just slower |
| 6 |
for everyone, signing or verifying. |
| 7 |
|
| 8 |
Cf, eg, http://www.nsa.gov/business/programs/elliptic_curve.shtml which |
| 9 |
recommends rsa 3k for use with aes128/sha256, rsa 7k for aes192/sha384 |
| 10 |
and rsa 15k for aes256/sha512. |
| 11 |
|
| 12 |
If 3k provides comparable security to aes128 and sha256, and one needs |
| 13 |
to more than double the rsa key length to compare with aes192 and sha384, |
| 14 |
there is no reason to bother with rsa 4k. |
| 15 |
|
| 16 |
-JimC |
| 17 |
-- |
| 18 |
James Cloos <cloos@×××××××.com> OpenPGP: 1024D/ED7DAEA6 |
Archives