[Systems] 4kbit keys

Bernie Innocenti bernie at codewiz.org
Tue Sep 14 15:34:03 EDT 2010

<silbe> 09:00:15> bernie: FWIW, Debian now pushes for 4k PGP keys for Debian Developers / Maintainers. (!= ssh host keys, of course)
<silbe> 09:00:27> 4k RSA that is
<silbe> 09:02:55> bernie: and Perry Metzger seems to think anything beyond 2k RSA is overkill (for the given use case)

Do you have pointers to argumentation in favor of (or against) 4kbit RSA
keys? In particular, I'm interested in realistic projections of time and
money required to brute force keys of 2048 bits with foreseeable
progress in computation and algorithms.

I want to figure out if there's a real threat or these people are simply
being paranoid (the "what if the CIA built a quantum computer using all
the atoms of the universe and...?" sort of paranoia).

