1 |
>>>>> "RHJ" == Robin H Johnson <robbat2@g.o> writes: |
2 |
|
3 |
RHJ> 2. Root key type of RSA, 4096 bits |
4 |
|
5 |
rsa 4k provides no real benefits over rsa 3k here; it is just slower |
6 |
for everyone, signing or verifying. |
7 |
|
8 |
Cf, eg, http://www.nsa.gov/business/programs/elliptic_curve.shtml which |
9 |
recommends rsa 3k for use with aes128/sha256, rsa 7k for aes192/sha384 |
10 |
and rsa 15k for aes256/sha512. |
11 |
|
12 |
If 3k provides comparable security to aes128 and sha256, and one needs |
13 |
to more than double the rsa key length to compare with aes192 and sha384, |
14 |
there is no reason to bother with rsa 4k. |
15 |
|
16 |
-JimC |
17 |
-- |
18 |
James Cloos <cloos@×××××××.com> OpenPGP: 1024D/ED7DAEA6 |