Hi ZZZZZ, On 7/09/2013 3:47 AM, ZZZZZZZ wrote:> Yeah but gpg is still safe!! Yes, but this article [1], points to the "Intel Secure Key" technology [2] (in newer Intel CPUs). The first intro line of the Intel link says: "Intel Secure Key, was previously code-named Bull Mountain Technology." The earlier NYT article mentions "Bullrun" as a program, that neatly fits with "Bull Mountain" .... So, if we have a new enough [3rd gen or later] Intel CPU, then chances are that the random number generator will bring in issues that will interfere with the security of GPG when generating keys, due to NSA "requirements". The plot thickens somewhat, doesn't it? Perhaps we need to stick with older Intel CPUs to protect against possible issues with the random number generator functions. On a side note, my own current GPG key isn't long enough, I may follow the details from this article [3] to increase the key size to 8192 bits. Besides the current 4096 bit limit may be the result of NSA input.... to help them have a better chance of cracking GPG data. Cheers AndrewM [1] http://blog.cryptographyengineering.com/2013/09/on-nsa.html [2] http://software.intel.com/en-us/blogs/2012/05/14/what-is-intelr-secure-key-t... [3] http://gagravarr.livejournal.com/137173.html?nojs=1 (Creating a 8192 bit GPG key to replace my 1024 bit one)