[kwlug-disc] Using 4096-bit RSA vs. 1024

unsolicited unsolicited at swiz.ca
Sat Sep 11 14:31:21 EDT 2010


At what point does key size stop providing realistically useful 
economies of scale, vis-à-vis overhead imposed?

So, for example, what is the cracking time difference between a 1024 
bit and a 4096 bit key? Assume RSA - your point wrt DSA is taken.

What increase in overhead occurs as keys get larger? i.e., if 4096 only 
imposes a small initial penalty (seconds) to determine a 1024-bit 
decryption key (say), that's OK. But if the larger key means extra 
seconds at every bit of data decode, that's not OK. [Perhaps I'm 
mixing technologies here? e.g. https / vpn initial key exchange (?) / 
verification vs. ongoing encryption (pgp) keys?]

(Mixing 'encryptions' here ...) For https, at what point will the 
time to crack be so far beyond the timeliness of the data that it 
doesn't matter? [I don't accept a premise that if they can eventually 
crack it, it's insufficient encryption.]

I guess, to summarize, what do you gain / lose as key sizes get larger 
and larger? (Whether the gain is worth the loss is, I guess, a 
personal decision. For me, there is a point of diminishing returns - 
although I don't know where that point is, myself, at the moment.)


Denver Gingerich wrote, On 09/11/2010 1:34 PM:
> (changing subject for proper threading)
> 
> 
> On Fri, Sep 10, 2010 at 10:31 PM, Paul Nijjar <paul_nijjar at yahoo.ca> wrote:
> [...]
>> As part of this meeting we will hold a keysigning party, and if you
>> act quickly then you can participate! There is a summary of how to get
>> started here: http://kwlug.org/node/772 which I will reproduce below.
>> But you have to get Keymaster Chris your signature BEFORE the meeting
>> to play.
> [...]
>> Whew. Here are some keysigning party instructions:
>>
>> Chris Frey (cdfrey at the domain foursquare dot net) is the KeyMaster
>> for this party. As part of the process, you will e-mail him your key.
>>
>> Here are his instructions for getting started, with some e-mail
>> address obfuscation:
>>
>>   1. Generate new key:
>>
>>      gpg --gen-key
>>
>>      (Accept the defaults, they are pretty good)
> 
> Unfortunately, they might not be.  On most distros released before
> about May 2009 (and probably more), the default GnuPG settings will
> give you a 1024-bit DSA key, which is quite vulnerable to attacks due
> to its reliance on SHA-1:
> 
> http://www.debian-administration.org/users/dkg/weblog/48
> 
> As recommended in the above article, users should select RSA and I
> would personally recommend using the maximum key size of 4096 bits.
> 
> So please do NOT use the defaults and instead choose 4096-bit RSA.
> This will give us a much stronger web of trust.
> 
> I'm personally of the opinion that a non-expiring key is ok, though
> the extra-paranoid will probably want a finite expiration time (though
> this makes it harder to remain in the web of trust over time).
> 
>>      gpg --fingerprint dc6371d5
>>      pub 1024D/DC6371D5 2006-12-02 [expires: 2011-12-01]
>>      Key fingerprint = 7D71 47F2 3F61 B0E1 5F3C 68A4 819A 39D8 DC63 71D5
>>      uid Chris Frey (cube)
>>      sub 4096g/C2855553 2006-12-02 [expires: 2011-12-01]
> 
> I hate to break it to Chris, but his key is one of the potentially
> vulnerable ones.  "pub 1024D" means 1024-bit DSA.  I would especially
> recommend that Chris generate a new key before the meeting, being the
> keymaster and all.
> 
> Here's an example of the kind of key you want:
> 
> $ gpg --keyserver pgp.mit.edu --recv-keys 5F36A772
> $ gpg --list-keys 5F36A772
> pub   4096R/5F36A772 2009-06-16
> uid                  Denver Gingerich [...]
> sub   4096R/A0C337A9 2009-06-16
> 
> 
> (As you may have guessed, "pub   4096R" means I have a 4096-bit RSA key.)
> 
> Whoever has access, please update the instructions at
> http://kwlug.org/node/772 and send them to kwlug-announce (I know not
> all people follow kwlug-disc).
> 
> I don't like causing extra work for people (updating
> sites/e-mails), but I would much rather see a little extra work done
> now than have a whole bunch of vulnerable keys made.
> 
> I hope the keysigning party goes well.
> 
> Denver
> http://ossguy.com/
> 
> 
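The question at the top of this message, whether a 4096-bit key costs something once per session or once per byte, can be settled by measurement. The following Python script is an added example, not code from anyone in this thread. It uses only the standard library; the RSA operands are random full-width integers rather than real keys (the cost of `pow(m, d, n)` depends only on operand bit lengths, so this reproduces the cost of a real private-key operation of the same size without generating primes), and SHA-256 throughput stands in for the symmetric bulk cipher. The function names (`cost_table`, `session_profile`, and the helpers) are this example's own.

```python
"""Added cost model for the key-size question in this thread (stdlib only).

Constructed example: the operands below are random full-width integers, NOT
real RSA keys.  The cost of pow(m, d, n) depends only on the bit lengths of
the operands, so timing it reproduces the cost of a real private-key
operation of the same size without generating 2048-bit primes.  SHA-256
throughput is used as an assumed stand-in for the symmetric bulk cipher."""

import hashlib
import random
import time

PUBLIC_EXPONENT = 65537      # the public exponent almost every RSA key uses
_rng = random.Random(2010)   # fixed seed: reproducible (but still fake) operands


def _operands(bits):
    """Full-width odd modulus n, full-width exponent d (stand-in for the
    private exponent) and a message m below n.  Constructed, not a key pair."""
    n = _rng.getrandbits(bits) | (1 << (bits - 1)) | 1
    d = _rng.getrandbits(bits) | (1 << (bits - 1))
    m = _rng.randrange(1, n)
    return n, d, m


def _timed_pow(base, exp, mod):
    t0 = time.perf_counter()
    pow(base, exp, mod)
    return time.perf_counter() - t0


def private_op_seconds(bits, trials=3):
    """Best-of-N time for m**d mod n with a bits-long exponent: the private
    operation (signing, or unwrapping a session key on the receiving side)."""
    n, d, m = _operands(bits)
    return min(_timed_pow(m, d, n) for _ in range(trials))


def public_op_seconds(bits, trials=3):
    """Same modulus size, 17-bit public exponent: verification or wrapping a
    session key.  Only ~17 squarings, so it stays cheap at any key size."""
    n, _, m = _operands(bits)
    return min(_timed_pow(m, PUBLIC_EXPONENT, n) for _ in range(trials))


def bulk_seconds(payload_bytes):
    """Time to run the symmetric stand-in (SHA-256) over payload_bytes of
    constructed data; independent of the RSA key size by construction."""
    data = bytes(payload_bytes)
    t0 = time.perf_counter()
    hashlib.sha256(data).digest()
    return time.perf_counter() - t0


def cost_table(sizes=(1024, 2048, 4096)):
    """Measured private/public cost per key size, the measured ratio to the
    smallest size, and the textbook cubic expectation (k / k0) ** 3."""
    rows, k0, base = {}, sizes[0], None
    for bits in sizes:
        priv, pub = private_op_seconds(bits), public_op_seconds(bits)
        if base is None:
            base = priv
        rows[bits] = {
            "private_ms": priv * 1e3,
            "public_ms": pub * 1e3,
            "private_ratio": priv / base,
            "cubic_model": (bits / k0) ** 3,
        }
    return rows


def session_profile(rsa_bits, payload_bytes):
    """Where the cost lands in a hybrid protocol (TLS with RSA key exchange,
    a PGP public-key message): exactly ONE private RSA operation per session
    or message to recover the symmetric key, then per-byte symmetric work
    whose cost does not depend on rsa_bits at all."""
    return {
        "rsa_private_ops": 1,
        "rsa_seconds": private_op_seconds(rsa_bits),
        "bulk_seconds": bulk_seconds(payload_bytes),
    }


if __name__ == "__main__":
    for bits, row in cost_table().items():
        print(f"{bits:5d}-bit  private {row['private_ms']:8.2f} ms  "
              f"public {row['public_ms']:6.3f} ms  "
              f"x{row['private_ratio']:5.1f} measured vs x{row['cubic_model']:4.0f} cubic")
    for payload in (1 << 10, 1 << 24):
        p = session_profile(4096, payload)
        print(f"4096-bit session, {payload:>9d} B payload: "
              f"RSA {p['rsa_seconds'] * 1e3:.1f} ms once, bulk {p['bulk_seconds'] * 1e3:.1f} ms")
```

Running it shows the two halves of the answer: the private operation grows roughly with the cube of the key size (so 4096 is tens of times slower than 1024 per operation), the public operation barely moves, and in a hybrid protocol that private operation happens once per session or message, after which the per-byte cost belongs to the symmetric cipher and is unaffected by the RSA key size.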
