On Wed, 13 Apr 2016 05:26:49 PM Ben McGinnes via luv-main wrote:
How many times do we have to say it? Triple-DES was designed by the NSA and its original theoretical security level of 168-bit has already been publicly knocked down to 112-bit or less.
It was designed when the idea was to simply ban export of strong crypto. While the people in power believed that such a ban was useful there wasn't a call to weaken security. I'm sure that the people in power then believed that they could develop strong crypto for communicating with our peaceful allies like Osama bin Laden while the "Godless Communists" who were trying to persecute Osama et al for their religious beliefs would never be able to access it. Meanwhile around the world police are legitimately arresting wanted criminals when they make unusual orders of pizza or tacos. When food for many people is delivered to the home of a known criminal then police don't need to crack any crypto to know that there might be someone worth arresting in residence.
As far as I'm concerned if you can't be bothered editing your algorithm preference order in gpg.conf and editing your keys and subkeys (actually they're set according to each UID) to match then you have no business trying to make keys larger than the default maximums.
Actually I think it's the responsibility of DDs in question (and other OS developers) to ensure that GPG defaults to the correct algorithm preference. Also it would be handy if there was a tool to check your GPG configuration and key setup for obvious mistakes.
That said, I still encourage everyone to make 4K keys by default for at least the cert key and the encryption subkey, signing subkeys are fine at 2K (mine is 3K with 4K for the other two).
-- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/