On Wed, Aug 03, 2016 at 03:29:14AM -0300, juan wrote: > On Wed, 3 Aug 2016 05:21:06 +0000 (UTC) > jim bell <jdb10...@yahoo.com> wrote: > > > PGP 1.0 also worked exactly > > as designed. It was limited to keylengths of 1024 bits,as I recall, > > which no doubt Phil Zimmerman considered sufficient for a first > > attempt.. Eventually it was considered by others desireable to issue > > revisions allowing much-longer keylengths. > > 25 years ago when pgp was released a 1024 bits key seemed > reasonable. >
Strongly disagree. Allowing longer keys doesn't hurt, except for more resources (and possibly false sense of security). History shows that in crypto what _seems_ true might not be. Very large upper bound is reasonable for DOS protection. Even very fast algorithms take prohibitively long time on sufficiently large input. I suspect building 1024/2048 qubit quantum computer is much easier that building 100K qubit one.
