bug-standards

Strength of GPG Signing Keys


From: Paul Hardy
Subject: Strength of GPG Signing Keys
Date: Sun, 3 Sep 2017 14:21:49 -0700

This is a side discussion related to the recent discussion on this
list about verifying GNU package integrity through cryptographic
signatures.

Debian requires OpenPGP/GPG signatures for package uploading to their
FTP archive.  Currently, Debian recommends a 4096-bit public key
(RSA), and they recommend using SHA2 instead of the default SHA1,
because of the discovery of attacks on SHA1.  You can see the current
recommendations here:

https://keyring.debian.org/creating-key.html

with material copied from Ana's Blog:

http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/

Also, I am not a cryptography expert, but the strength of elliptic
curve cryptography has recently become suspect; see for example:

https://threatpost.com/nsas-divorce-from-ecc-causing-crypto-hand-wringing/115150/

and

https://www.isaca.org/Journal/archives/2016/volume-3/Pages/can-elliptic-curve-cryptography-be-trusted.aspx


Accordingly, I recommend that section 11.6 of the _Information for
Maintainers of GNU Software_ guide, "Automated FTP Uploads", be
updated to state that future keys be 4096-bit RSA keys and use SHA2,
as per the recommendations on the Debian link above and on Ana's Blog.
I do not think there is a practical reason for generating weaker keys.

Can anyone with more expertise in cryptography weigh in on this, and
on RSA versus El Gamal as pertains to signing GNU packages?

I am blind copying address@hidden so that email address does
not become inundated with responses that I expect on this list.

Thank you,


Paul Hardy
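As an added illustration (not part of Paul's message, the Debian page, or the GNU maintainers guide), the script below checks existing key material against the policy the message proposes: 4096-bit RSA keys and SHA-2 digests rather than SHA-1. It parses two GnuPG machine-readable formats, the colon-separated output of `gpg --list-keys --with-colons` and the packet dump from `gpg --list-packets` on a signature file, and reports which keys and signatures fall short. The key IDs, fingerprints and packet dumps embedded below are constructed sample data, not real keys; the gpg.conf lines returned by `recommended_gpg_conf()` are the digest-preference options that the Debian guidance refers to, with the specific SHA-2 ordering chosen here as an assumption.

```python
"""Audit GnuPG key listings and signature packets against the policy
proposed above: 4096-bit RSA signing keys and SHA-2 digests, not SHA-1.

Input formats parsed:
  * records from `gpg --list-keys --with-colons` (pub:/sub: lines)
  * lines from `gpg --list-packets` run on a signature file
All sample data in this file is constructed for illustration."""

import re

# OpenPGP public-key algorithm IDs (RFC 4880, section 9.1)
PUBKEY_ALGOS = {1: "RSA", 2: "RSA-encrypt-only", 3: "RSA-sign-only",
                16: "ElGamal", 17: "DSA", 18: "ECDH", 19: "ECDSA",
                22: "EdDSA"}
# OpenPGP hash algorithm IDs (RFC 4880, section 9.4)
HASH_ALGOS = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256",
              9: "SHA384", 10: "SHA512", 11: "SHA224"}
SHA2_IDS = {8, 9, 10, 11}
MIN_RSA_BITS = 4096


def audit_key_listing(listing):
    """Return (keyid, algorithm, bits, ok, reason) for each pub/sub record.

    In --with-colons output field 3 is the key length in bits, field 4 the
    public-key algorithm ID and field 5 the key ID."""
    results = []
    for line in listing.splitlines():
        fields = line.split(":")
        if fields[0] not in ("pub", "sub"):
            continue
        bits, algo_id, keyid = int(fields[2]), int(fields[3]), fields[4]
        algo = PUBKEY_ALGOS.get(algo_id, "algo-%d" % algo_id)
        if algo_id not in (1, 3):          # only RSA may sign under this policy
            ok, reason = False, "%s is not RSA" % algo
        elif bits < MIN_RSA_BITS:
            ok, reason = False, "%d-bit RSA is below %d" % (bits, MIN_RSA_BITS)
        else:
            ok, reason = True, "meets policy"
        results.append((keyid, algo, bits, ok, reason))
    return results


def audit_signature_packets(packets):
    """Return (keyid, digest name, is_sha2) for each signature packet.

    A `:signature packet:` line opens a packet; the indented
    `digest algo N` line that follows names the hash used for it."""
    results = []
    keyid = None
    for line in packets.splitlines():
        head = re.match(r":signature packet: algo \d+, keyid ([0-9A-Fa-f]+)", line)
        if head:
            keyid = head.group(1).upper()
            continue
        digest = re.search(r"digest algo (\d+)", line)
        if digest and keyid is not None:
            algo_id = int(digest.group(1))
            name = HASH_ALGOS.get(algo_id, "hash-%d" % algo_id)
            results.append((keyid, name, algo_id in SHA2_IDS))
            keyid = None
    return results


def recommended_gpg_conf():
    """gpg.conf lines that make new signatures and certifications use SHA-2.
    The particular ordering is an assumption; the option names are GnuPG's."""
    return "\n".join([
        "personal-digest-preferences SHA512 SHA384 SHA256",
        "cert-digest-algo SHA512",
        "default-preference-list SHA512 SHA384 SHA256 AES256 AES192 AES "
        "ZLIB BZIP2 ZIP Uncompressed",
    ])


# Constructed sample: a 4096-bit RSA primary key with a 2048-bit RSA
# encryption subkey and a 1024-bit DSA signing subkey (key IDs are fake).
SAMPLE_LISTING = """\
tru::1:1504467709:0:3:1:5
pub:u:4096:1:0123456789ABCDEF:1504467709:::u:::scESC::::::23::0:
fpr:::::::::AAAA0123456789ABCDEF0123456789ABCDEF0123:
uid:u::::1504467709::0000000000000000000000000000000000000000::Example Maintainer <maintainer@example.org>::::::::::0:
sub:u:2048:1:FEDCBA9876543210:1504467709::::::e::::::23:
sub:u:1024:17:1111222233334444:1504467709::::::s::::::23:
"""

# Constructed sample: one SHA-512 signature and one SHA-1 signature.
SAMPLE_PACKETS = """\
# off=0 ctb=89 tag=2 hlen=3 plen=563
:signature packet: algo 1, keyid 0123456789ABCDEF
\tversion 4, created 1504467709, md5len 0, sigclass 0x00
\tdigest algo 10, begin of digest 3f 2e
\thashed subpkt 2 len 4 (sig created 2017-09-03)
\tsubpkt 16 len 8 (issuer key ID 0123456789ABCDEF)
\tdata: [4095 bits]
# off=566 ctb=89 tag=2 hlen=3 plen=307
:signature packet: algo 1, keyid FEDCBA9876543210
\tversion 4, created 1504467709, md5len 0, sigclass 0x00
\tdigest algo 2, begin of digest a1 b2
\tdata: [2047 bits]
"""

if __name__ == "__main__":
    for keyid, algo, bits, ok, reason in audit_key_listing(SAMPLE_LISTING):
        print("%s %s %d-bit: %s" % (keyid, algo, bits, "OK" if ok else "FAIL, " + reason))
    for keyid, name, sha2 in audit_signature_packets(SAMPLE_PACKETS):
        print("signature by %s uses %s: %s" % (keyid, name, "OK" if sha2 else "FAIL"))
    print("suggested gpg.conf lines:\n" + recommended_gpg_conf())
```

To run it against a real keyring, replace the sample strings with the output of `gpg --list-keys --with-colons` and `gpg --list-packets file.sig`; the parser only looks at the record types and the `digest algo` line, so the other fields in the dumps can be left untouched.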