[NTLUG:Discuss] OT: Cryptography Key Length
Robert Pearson
e2eiod at gmail.com
Sat May 26 20:56:43 CDT 2007
On 5/26/07, Dennis Rice <dennis at dearroz.com> wrote:
> Just wanting to start a general topic discussion regarding encrypting of
> a message. I am assuming that all have some familiarity with GPG (alias
> PGP) in the open source world.
>
> The old legal limits to encryption using a symmetric key was 56 bits,
> and is now 128 if I understand correctly. Today, I am under the
> impression that an asymmetric key is equivalent to a shorter symmetric key.
>
> In presenting the GPG process in class the other day, I observed that
> the new limits to GPG for key length was between 1024 and 4096 bits (it
> use to be 768 to a "recommended" 2048, default 1024). I attempted to
> create a 8192 bit key, and the gnupg software said no (nicely), so I
> chose a 4096 key length.
>
> OK, all that is great, but how does that fit into the limitations
> presented by the law? There are distinct reasons for limiting the key
> length by the government (no opinion presented), and I thought it was
> 128 bits. So how does one have the right to create a 4096 bit key and
> not have the feds coming down on us? I sure would hate to see a
> limitation to encryption placed on us by limiting the encryption key,
> but at the same time, I more dislike the idea of some drug dealer or
> terrorist sending encrypted messages back and forth using a large key
> under gpg.
>
> Hopefully a general discussion that might be of interest to more than
> just myself. Appreciate your discussion.
>
> Dennis
You might find this link useful:
"Keyspace"
http://www.ciphersbyritter.com/GLOSSARY.HTM#Keyspace
Complete site
http://www.ciphersbyritter.com/
More information about the Discuss
mailing list