LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 03-30-2006, 10:48 PM   #1
wwnexc
Member
 
Registered: Sep 2005
Location: California
Distribution: Slackware & Debian
Posts: 264

Rep: Reputation: 30
PGP keys


Hi,

I am wondering why GnuPG is limited to 4096 bits in public / private key pairs. I know that there are ways to create 16 kb keys (i have seen the results, it took over one hour to generate it, though). I am wondering how this is doable.

What would i have to "type in" to get a key over 4 kb that is pgp compliant?

http://lists.gnupg.org/pipermail/gnupg-users/2005-December/027646.html I am wondering: How did he do it.

Thanks!!
 
Old 04-02-2006, 07:41 AM   #2
rolsch
LQ Newbie
 
Registered: Jul 2004
Location: Berlin, Germany
Distribution: Debian Sarge, Fedora Core 4, Suse 9.1
Posts: 13

Rep: Reputation: 0
First, be aware that key sizes larger than 4096 bits don't buy you any further security. I am not a cryptographic expert, but there are quite some discussions going on that claim that if you use larger keys, the weak point is not the key size, but the hashfunctions. And this is said to be true for signatures AND for encryption.

If you want to go for larger keysizes anyway, you have 2 options:
1.
Use openssl instead:
Code:
openssl genrsa -out extralong.key 16384
This will take quite some time...

2.
Modify the gpg-sources (that's the great thing about open source: you have access to the sources ).
In g10/keygen.c you will find the following lines:

Code:
static unsigned
ask_keysize( int algo )
{
  unsigned nbits,min,def=2048,max=4096;
[...]
You might want to adjust max, but I never tried it, perhaps it won't work.
 
Old 04-02-2006, 07:47 AM   #3
binary_y2k2
Member
 
Registered: Jul 2005
Location: England, UK
Distribution: Ubuntu 8.04 Server, Kubuntu 12.04
Posts: 698
Blog Entries: 1

Rep: Reputation: 31
Although I have no idea why you really want to, there is hacked version of PGP out there that will let you create long keys:
ftp://ftp.zedz.net/pub/crypto/pgp/pg...658ckt09b3.zip
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
yum and repo pgp keys psychobyte Linux - Software 1 12-03-2005 06:39 AM
PGP keys Thulemanden Linux - Software 1 10-19-2005 03:37 AM
Yum Upgrade PGP Keys Missing? Eklipz Fedora 4 11-20-2004 04:22 PM
PGP: Shared (e.g. corporate) keys? prell Linux - Security 3 10-31-2004 02:15 PM
pgp keys vexer Linux - Security 1 05-12-2004 12:06 AM


All times are GMT -5. The time now is 03:39 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration