-----BEGIN PGP SIGNED MESSAGE----- AaronH4321@aol.com writes:
I am just starting at this. I know that part of RSA/PGP's strength comes from the size key you choose. What prevents someone from writting a 2048 bit key? Is it because computers can't handle it? Is 1024 top of the prime number size right now? Am I way off track?
In just about every way possible... :-) The RSA algorithm can use keys of arbitrary length. All current versions of PGP allow key sizes up to 2048* bits. (When asked for the size of the key to generate, it allows you to select 512, 768, 1024, OR TO *TYPE IN THE NUMBER OF BITS DESIRED*.) There are older, partially incompatible versions that allow even larger keys, though there is little reason to go higher. Beyond something like 3100 bits, it is surmised that the 128-bit IDEA session key is easier to attack. As for prime numbers, no, 1024 bits isn't even close to the largest found (there are of course an infinite number of primes). The latest discovery was of a Mersenne prime, the 35th such found. It was 1,398,269 bits long (all 1's, of course). Tunny * OK, there is a minor bug in 2.6.2 that in some cases limits keys to "only" 2047 bits -- the difference is utterly insignificant in terms of security. This message is signed by such a 2047-bit key. ====================================================================== James A. Tunnicliffe | WWWeb: http://www.inference.com/~tunny Inference Corporation | PGP Fingerprint: CA 23 E2 F3 AC 2D 0C 77 tunny@Inference.com | 36 07 D9 33 3D 32 53 9C ====================================================================== -----BEGIN PGP SIGNATURE----- Version: 4.0 Business Edition Comment: which I won in the PGP raffle at Cypherpunks 12/96... iQEVAgUBMtPCuvAmQsmyRPddAQHQHwf+NcZ54woujQVBRRmmyH3CayYmCial2sLn py0RvaXP9UGhY+vZU2HgtzaCor32JnrC67LsHH/2XLIEqjpsNzor7YwCtllsl55M 1lo4dkXfjg/jW0ijLTEbbEealRm1LziZVjIrTNsibq1GZ0UdwTb8nPens2iuHZBB QJZTBkpi0yD8xnWZqvSBwjsdavJUUOy1xU4PgNE4Nr/xbWPA0OwMGOm1MSHFXxHL xOYJvLR9905mSxh+kNdcf3SpT5JRuBjH6MQmG8GjKRGc8KoXbfUkCiXeSXlygaGA q2/z2lO4E9eTZvlrsQN1sw8uIoKTnz3YPw9nWjXTeLWx9J7WbeGPSA== =RzVt -----END PGP SIGNATURE-----