this post was submitted on 04 Nov 2023
26 points (88.2% liked)

Monero

1667 readers
30 users here now

This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.

GitHub

StackExchange

Twitter

Wallets

Desktop (CLI, GUI)

Desktop (Feather)

Mac & Linux (Cake Wallet)

Web (MyMonero)

Android (Monerujo)

Android (MyMonero)

Android (Cake Wallet) / (Monero.com)

Android (Stack Wallet)

iOS (MyMonero)

iOS (Cake Wallet) / (Monero.com)

iOS (Stack Wallet)

iOS (Edge Wallet)

Instance tags for discoverability:

Monero, XMR, crypto, cryptocurrency

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 11 points 1 year ago* (last edited 1 year ago)

Recently (2023), the default of GnuPG has been changed: a new key generated will be no longer RSA but ECC. Elliptic (25519) is a way to go: keys are much shorter than say RSA4096. Migrating to elliptic is convenient and perhaps safer, even though RSA may be still safe too.

Realistically 2048 is about 600-digit. Factorization of a 100-400 digit number is more or less possible now. 600 is still hard, but maybe not totally impossible in the near future.

25519 was designed by D. J. Bernstein, who tenaciously fought a long legal battle against the US cryptography export regulations. He’s also strongly criticized various sabotages (backdoor) in NIST standardized cryptography algorithms, such as the random bit generation in Dual EC. That’s why people tend to like 25519, over RSA etc.

Nerdy footnotes 😅

multiplying two different large prime numbers

Technically, the two numbers are usually not proven primes (not a big deal: they’re most probably primes, just not mathematically proven…).

brute-force cracking a strong key would require an enormous amount of time

Obviously, one wouldn’t do a naive brute-force, like trial division. There are some number theoretic, sophisticated algorithms, and they’re getting stronger and stronger, both algorithm-wise and machine power-wise… Not too long ago, people were saying RSA512 was strong enough!