Page MenuHome GnuPG

Don't break existing keys larger than 4k
Closed, ResolvedPublic


I've been using a DSA/ElGamal key for more than a year without issues. With the
latest security update of GnuPG in Ubuntu 12.04 my key doesn't work anymore.
I opened a bug in Ubuntu, and they told me to open a bug upstream:
I'm fine with not being able to generate new keys bigger than 4k, but I would
like to be able to keep using my existing keys. Seems like a big regression to



Event Timeline

Sorry, there is a limit on the size of secret keys which depends on
several factors. We allow for way longer keys than can be generated
by gpg to take the fuzziness in account, but only up to some limit.
You are on your own if you want to use ridiculous long keys.

Hint: You may increase the size of the secure memory my changing the

    /* initialize the secure memory. */
    got_secmem=secmem_init( 32768 );

in g10/gpg.c. Use a larger value there and it will work.

Yes, I know how to change the code and make it work on _my_ machine.
There is the tiny problem that everyone else has to do it, too.
Can we make that change the default? I don't see a big problem in using 64k or
128k instead of 32k of secure memory.
By the way, 16k of key size is ridiculous now, but it's going to be kind of
standard in the not so distant future. Or am I too paranoid? :)
Just trying to have a GnuPG key which is future-proof, also taking in
consideration the possible use of quantum computers in the future.


Please read the FAQ on key sizes and if you have a lot of time the countless
discussions on gnupg-users. No, you are not paranoid but you are tuning the
wrong parameters. IT will never be a standard. There will never be any keys
larger than 4k RSA in real use.

Ok, got it. So I can just throw away my key and make a new one?
Fantastic. Thanks a lot.
Sounds a lot like "640K ought to be enough for anybody".
So long, and thanks for all the good work on GnuPG (seriously).

By the way, is this all bullshit?
AES-256 == RSA-15360 / DSA-15360 (NIST)

AES=256 == RSA-15424 / DSA-15424 (ECRYPT2)

werner claimed this task.

I read that. It says that RSA-2048 keys are going to be safe until 2030. Doesn't
sound like a lot to me... Considering the average human lifespan, I could be
around until 2070. So, nope, not enough.
If all the emails I sent till now have been intercepted and stored (which seems
to be the case according to Snowden), using a RSA-2048 key simply means that all
my private correspondence is going to be public (or at least accessible) in 16
years time. Now, the only thing I'm asking is to raise the amount of secure
memory allocated by GnuPG to 128k to let people use key sizes up to 16384,
something that was even allowed by the keygen itself.

Judging by the lack of reply, I assume that this bug won't be fixed, correct?

No bug and I already set this bug to resolved.

dkg developed a reasonsable patch which will be included in the next 1.4 version.

werner set External Link to