On Sat, 2013-10-26 at 14:13 +0200, Werner Koch wrote: > Now, if > you want to protect something you need to think like the attacker - what > will an attacker do to get the plaintext (or fake a signature)? Spend > millions on breaking a few 2k keys (assuming this is at all possible > within the next decade) or buy/develop/use a zero-day?
Well with that "argument" you can always defeat any crypto... a "real attacker" will not care whether you use 786 bit RSA keys or 16k bit keys... he comes for you and tortures you until you happily give him anything he wants... Cheers, Chris. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
