Bonjour! Thanks to the recent bikeshedding, I learnt that doubling keysize on an asymetric key algorithm based on discrete logarithm or integer factorization doesn't, by far, double the resistance to bruteforcing, which in itself is seldom if ever the weak link in a secure communication scheme.
It increases the resistance to bruteforcing only negligeably, and at the same time, it increases the CPU time needed to encrypt/decrypt & sign/verify *a lot*. Could this last property of bigger keys, significantly increasing CPU time needed to send encrypted/signed messages, be used as an anti-spam feature? OpenPGP as a kind of HashCash / proof of work solution to spam? If this proposition makes sense, that would open the way for a huge increase in user base! :-) I'm thinking about automatically sending a reply (Wanna contact me? Install GPG or use my https://encrypt.to OpenPGP.js contact form...) then deleting unencrypted emails, at the MUA level. Does this make sense? jérôme
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
