| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
On 09/09/2013 01:28 AM, Mick wrote: |
| 5 |
> |
| 6 |
> Are you saying that 2048 RSA keys are no good anymore? |
| 7 |
> |
| 8 |
|
| 9 |
They're probably fine, but when you're making them yourself, the extra |
| 10 |
bits are free. I would assume that the NSA can crack 1024-bit RSA[1], |
| 11 |
so why not jump to 4096 so you don't have to do this again in a few years? |
| 12 |
|
| 13 |
The performance overhead is also mostly negligible: the only thing the |
| 14 |
public key crypto is used for is to exchange a secret which is then |
| 15 |
used to do simpler (and faster) crypto. |
| 16 |
|
| 17 |
|
| 18 |
[1] |
| 19 |
http://blog.erratasec.com/2013/09/tor-is-still-dhe-1024-nsa-crackable.html |
| 20 |
|
| 21 |
-----BEGIN PGP SIGNATURE----- |
| 22 |
Version: GnuPG v2.0.20 (GNU/Linux) |
| 23 |
|
| 24 |
iQIcBAEBAgAGBQJSLdBEAAoJEBxJck0inpOiGg4P/1fBRpLoSsNnzjhFGro6vHOr |
| 25 |
uf5/xUR8y2M+7sBXsyS6d7uU1GfKcyWW2UnhuMabz6/bLWSmhCeGAZrAw1n1/oqp |
| 26 |
DcxvT9Z/SWM/taYCGkMcxAh3pMxCTohS7Dpq1NxjjB2J7+GgITCNfn6b1bxrAjjO |
| 27 |
cWCjrAh9ozESiP7AGM2vt2CR9mC0AsWMEoUk5zF0wd0BZq7cCSbcnxV54E784OVz |
| 28 |
TXcmhvISHz5cgC5nWTylCgy4BqLp94A7ZjtuvZntTBhAeU9MFWX1FpnrBbbnOwW4 |
| 29 |
WPCYF3mRJKKapE6IIN2jHp1l0w8oM/EFrMoGYYQkAG393TWaRgDLqGqAJBDpLDwP |
| 30 |
+fmeT/xdfn7nyQNV1IwfdeAdcHFPoKw9dcr2kWVYlx8oJQteibSaQmT9L/LLdJfk |
| 31 |
5+XgFg2Va6xTx1YsBfRGXc/PIjrQwlJ0rZ2osjKYfE6G1747+sz0fD74rDRoLTrl |
| 32 |
j8I4QVuMeOqxdXp9hQv6TNuEHXw9vlbKRlOwT/E7sTHWerK5EXFqgUS8txl3Os+3 |
| 33 |
2iNgz7v/0AhMrH0evtzn2k88agjXY1UrqUotHuGndJxyc1ZhXZuoJAOSFcgLv/ko |
| 34 |
L1Vzl3lOdaj1nF23RMWZoqdaI4BZyBM4zDx7K+0g3e7YadQ/EkD6mof0sVNGpO4a |
| 35 |
q6PNGNy9oZaWflDAOHaN |
| 36 |
=Ni4r |
| 37 |
-----END PGP SIGNATURE----- |
Archives