[OTR-users] OTR-encryption not safe - DSA 1024bit is too short

. dcMhOYBdpZkH at web.de
Wed Dec 12 08:48:51 EST 2012


Off-the-Record (OTR) encryption uses 1024-bit DSA (DSA goes up to only
1024 bits, equal to ~1320-bit RSA) and is not secure for the next 10 years or
so, or do you want your messages to be readable/encryptable within your
lifetime?

Solution:
Just use OpenPGP-based (like gnupg.org's implementation) 4096-bit[1] RSA
encryption and create a new key every few months so you have the
deniability that OTR offers too.

Or maybe ECC (shorter, comparable keys), which requires less computing
power, with your own curves, not NIST's.


[1] Note that even 2048-bit RSA keys are equal to ~112-bit AES symmetric
key strength, which is still not safe within one's lifetime, so use 4096-bit
or more (small patch within gnupg's .c file).

https://en.wikipedia.org/wiki/Key_size

    RSA claims that 1024-bit keys are likely to become crackable some
    time between 2006 and 2010 and that 2048-bit keys are sufficient
    until 2030.
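As an added worked example (not part of the original post or of the OTR project), this is how the "RSA/DSA size to symmetric bits" equivalences quoted above are usually derived: from the asymptotic running time of the General Number Field Sieve, with DSA additionally bounded by the square root of its subgroup order q. Anchoring the curve at "1024-bit modulus = 80-bit security" and the 64-bit step size are assumptions of this example, not facts stated in the post.

```python
import math

# Constructed example: estimate symmetric-equivalent security of RSA/DSA
# modulus sizes from the GNFS heuristic
#     L(n) = exp( (64/9)^(1/3) * (ln n)^(1/3) * (ln ln n)^(2/3) ),
# calibrated so that a 1024-bit modulus rates ~80 bits (assumed anchor).

GNFS_CONST = (64 / 9) ** (1 / 3)
ANCHOR_BITS, ANCHOR_STRENGTH = 1024, 80  # assumed calibration point

def gnfs_log2_work(modulus_bits: int) -> float:
    """log2 of the uncalibrated GNFS work factor for a modulus of this size."""
    ln_n = modulus_bits * math.log(2)
    ln_work = GNFS_CONST * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return ln_work / math.log(2)

def modulus_strength(modulus_bits: int) -> float:
    """Symmetric-equivalent bits for an RSA or DSA modulus, relative to the anchor."""
    return ANCHOR_STRENGTH + gnfs_log2_work(modulus_bits) - gnfs_log2_work(ANCHOR_BITS)

def dsa_strength(p_bits: int, q_bits: int) -> float:
    """DSA is limited by the weaker of two attacks: index-calculus/GNFS-class
    work on the modulus p, and generic discrete log in the order-q subgroup,
    which costs about sqrt(q), i.e. q_bits/2 bits of security."""
    return min(modulus_strength(p_bits), q_bits / 2)

def rsa_bits_for_strength(target_bits: float) -> int:
    """Smallest modulus size (searched in 64-bit steps) reaching the target."""
    bits = 512
    while modulus_strength(bits) < target_bits:
        bits += 64
    return bits

if __name__ == "__main__":
    for n in (1024, 2048, 3072, 4096):
        print(f"RSA-{n}: ~{modulus_strength(n):.0f}-bit symmetric equivalent")
    # Classic DSA parameter sets: (p=1024, q=160) and (p=2048, q=256)
    print(f"DSA p=1024/q=160: ~{dsa_strength(1024, 160):.0f} bits")
    print(f"DSA p=2048/q=256: ~{dsa_strength(2048, 256):.0f} bits")
    print(f"RSA size for 128-bit security: {rsa_bits_for_strength(128)} bits")
```

With this calibration a 2048-bit modulus lands near 110 bits and 4096 near 150, close to the commonly quoted 112 and 152; the 1024-bit DSA set is capped at 80 bits by both the modulus and the 160-bit q.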
