securitycryptographyencryptionelgamal

What are good and safe keylength for El-Gamal?


What are good keylength for El-Gamal?


Solution

  • This is really an open-ended question and it depends on what platform you want to use, your performance constraints, who your enemies are et.c.

    The outdated GnuPG faq sums this up nicely on length of ElGamal keys - notice that GPG currently creates 2048 bit ElGamal keys by default.

    [...] After all, if the key is large enough to resist a brute-force attack, an eavesdropper will merely switch to some other method for obtaining your plaintext data. Examples of other methods include robbing your home or office and mugging you. 1024 bits is thus the recommended key size. If you genuinely need a larger key size then you probably already know this and should be consulting an expert in data security.

    xkcd #538 is also of relevance here. :-)