include("head.php"); head("Key classes"); ?> For today I still don't have my CA set up. Therefor I only have not very strong keys. Here is the table explaining how I classify keys:
key class | min bits, max. validity | description |
---|---|---|
very strong | quantum encryption |
cannot be reached with turing machines, you need quantum computers for this. |
strong (aka. never reached) | 8192 bits, 10 years |
random must be taken from a real random gathering device, primality probablity (RSA) etc. must be higher than 1:2^(2*bit length), key calculation must be done in extreme (this means: 2cm wielded lead without gaps) RF shielded room by a computer without any connection to outside (a power cord is a connection), private key stored in a transportable ID card, ID card must be kept RF shielded and secure (best: always carried within your body), no backups of the private key exist (not even by ID card issuer), sign only, for extreme seldom use. (Can be compared to a computer with no networking with a password protected console access in a high security RF shielded area, so physical access to the machine is individually controlled before you can gain access to the console.) |
high (CA-grade) | 2048/2years |
created with real random with some additional protection against weakness, stored on a non (=never) networked computer in a high security area (so it cannot be stolen or surveyed "accidentially"), long (30 characters or more) and secure passphrase, sign only, main use for "batch signing" of other keys is valid. (Can be compared to a computer with no networked shell access, additional internal security measures and an invalid root password, such that a root login never is possible.) |
middle (best) | 2048/2years |
Created with PRNG with some additional random (GPG), stored on single person's workstations (PDA, your own PC, but never surf stations, extranet servers or shared workstations), secure (uncomprehensible) passphrase, any purpose, but not used within scripts. (Can be compared to a computer with shell access for users and a hard to guess root password.) |
low (normal) | 1024/any |
just created and protected by a simple passphrase for manual use, no real restrictions or security prerequisitions. This type of keys have a minimal hardness against accidential disclosure. It is considered that the passphrase can be broken easily. So a signed document with a low key has no evidence that the signer was the key holder. (Can be compared to a computer with a weak root password.) |
weak (automation) | any/any |
no limitations except that the private key should be somewhat protected to become public accessible, as it is usually without any passphrase to protect the private key (no passphrase is better than a passphrase which is known to the computer, as this way you can trust that it's weak). This type of key usually only protects against unconditional tampering such like network errors or somebody cracking a public server. It shall be changed often, such that newer distributions cannot become compromised if the private key somehow was disclosed. (Can be compared to a computer with an empty root password.) |