Discussion:
Create key's over 4096 bit ????
(too old to reply)
Holger Schuettel
2005-12-21 18:09:47 UTC
Permalink
Hi
I've any questions. How can i generate a keypair with size more than
4096 bits? I've a RSA key from my friend in my keyring with 16384 bits.
How is that possible? I've to try it with gnupg to generate a key over
4096 bits and thats not possible. Can you help me ?
Sorry for my english :-)
(german answer preferred)
Many Thanks and

- --
________________________________________________________________________________
With best regards,

Holger Schuettel

E-Mail: ***@googlemail.com
FAX: + 49 69 13 30 69 12 572
Homepage Gnupg: http://www.gnupg.org/
GnuPG-Key-ID: 0xC956679A http://tinyurl.com/9b4y8
Fingerprint: 96A0 B66D D1B7 620D 9C3D E5F9 8EAA B85E C956 679A

Encrypted e-mail preferred.
Johan Wevers
2005-12-21 22:34:48 UTC
Permalink
This post might be inappropriate. Click to display it.
Christoph Anton Mitterer
2005-12-22 00:36:19 UTC
Permalink
Post by Holger Schuettel
I've any questions. How can i generate a keypair with size more than
4096 bits? I've a RSA key from my friend in my keyring with 16384 bits.
This is not desirable at all.
- First of all you may encounter compatibility problems (although I
haven't found any limit on the key size in the standard).
- And even from a cryptographic point of view this wouldn't make sense
(as far as I know), as currently hashfunctions are the weak point of the
whole system.

Regards,
Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cam.vcf
Type: text/x-vcard
Size: 449 bytes
Desc: not available
Url : /pipermail/attachments/20051221/16d441e8/cam.vcf
Werner Koch
2005-12-22 20:22:11 UTC
Permalink
Post by Christoph Anton Mitterer
- And even from a cryptographic point of view this wouldn't make sense
(as far as I know), as currently hashfunctions are the weak point of the
whole system.
The actual weak point is the missing bugfreeness of the
implementation, the toolchain, the OS, the microcode and the hardware.

Talking about 4k keys is in this respect useless - unless you have
very special requirements and can neglect the above points. However,
with such requirements you will also have the staff and money to take
proper decisions and implement new code from scratch.


Shalom-Salam,

Werner
vedaal at hush.com ()
2005-12-22 05:16:46 UTC
Permalink
Post by Holger Schuettel
I've any questions. How can i generate a keypair with size more
than
Post by Holger Schuettel
4096 bits? I've a RSA key from my friend in my keyring with 16384
bits.
Post by Holger Schuettel
How is that possible?
16k rsa keys are very bulky to use, and provide *very, very, long*
signatures (i tried it out just to see what would happen,;-) but
see no advantage, and have not bothered to make a another key for
security use, after trying the test key but if you really want
to try out of curiosity and then be done with it, it is compatible
with gnupg

the only existing program that does this, (as far as i know)
is the ckt hacked version of pgp 6.5.8
(available only in english)

it is available here:

ftp://ftp.zedz.net/pub/crypto/pgp/pgp60/pgp658_ckt/

click on the last line
pgp658ckt09b3.zip

this is compatible with the gnupg improved hash protection of the
secret key

ckt editions prior to 08 are not compatible with current gnupg

but to save yourself a great deal of time, i can send you a test
16k rsa key pair, that you can import into gnupg, and see for
yourself that it is nothing you would really benefit from using,

if, after trying it, you still want to generate your own, then you
can get the ckt program

here is a free translation service between english and german,
and i have used it for the translation of this message that appears
below
http://translate.google.com/translate_t

so, if the german is inaccurate, or sounds silly,
please blame them ;-)

good luck,

vedaal


Schlüssel des rsa 16k sind sehr umfangreich zu verwenden und
liefern * sehr sehr lang * Unterzeichnungen (mich versuchte es
heraus gerade, um zu sehen was geschehen würde,; -) aber sehen
keinen Vorteil und haben nicht gestört, einen einen anderen
Schlüssel für Sicherheitsgebrauch, nachdem sie die Test-Taste aber
versucht haben, wenn Sie wirklich von der Neugier ausprobieren und
mit ihr dann getan werden möchten, sie, zu bilden ist kompatibel
mit gnupg

das einzige vorhandene Programm, das dies tut, (insoweit ich weiß),
ist die ckt zerhackte Version von PGP 6,5,8 (vorhanden nur auf
englisch)

es ist hier vorhanden:
ftp://ftp.zedz.net/pub/crypto/pgp/pgp60/pgp658_ckt/

klicken Sie an die letzte Linie pgp658ckt09b3.zip, das dieses mit
dem gnupg verbesserten Durcheinanderschutz der geheimen
SchlüsselCKTausgaben vor 08 sind nicht kompatibel mit gegenwärtigem
gnupg kompatibel ist

aber, sich viel Zeit zu speichern, kann ich Ihnen ein rsa-
Schlüsselpaar des Tests 16k schicken, das Sie in gnupg importieren
können, und sehe für selbst, daß es nichts ist, das Sie wirklich
vom Verwenden profitieren würden,
wenn, nachdem Sie es versucht haben, Sie noch Ihre Selbst erzeugen
möchten, dann können Sie das ckt programm erhalten


ist hier ein freier Übersetzungsdienst zwischen englischem und
deutschem, und ich habe es für die Übersetzung dieser Anzeige
verwendet, die unter
http://translate.google.com/translate_t
erscheint

so wenn der Deutsche ungenau ist, oder klingt,
tadelt sie bitte dumm ;-)

gutes Glück,

vedaal




Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485
Christoph Anton Mitterer
2005-12-22 05:24:44 UTC
Permalink
Schl?ssel des rsa 16k sind sehr umfangreich zu verwenden und
liefern * sehr sehr lang * Unterzeichnungen (mich versuchte es
heraus gerade, um zu sehen was geschehen w?rde,; -) aber sehen
keinen Vorteil und haben nicht gest?rt, einen einen anderen
Schl?ssel f?r Sicherheitsgebrauch, nachdem sie die Test-Taste aber
versucht haben, wenn Sie wirklich von der Neugier ausprobieren und
mit ihr dann getan werden m?chten, sie, zu bilden ist kompatibel
mit gnupg
das einzige vorhandene Programm, das dies tut, (insoweit ich wei?),
ist die ckt zerhackte Version von PGP 6,5,8 (vorhanden nur auf
englisch)
ftp://ftp.zedz.net/pub/crypto/pgp/pgp60/pgp658_ckt/
klicken Sie an die letzte Linie pgp658ckt09b3.zip, das dieses mit
dem gnupg verbesserten Durcheinanderschutz der geheimen
Schl?sselCKTausgaben vor 08 sind nicht kompatibel mit gegenw?rtigem
gnupg kompatibel ist
aber, sich viel Zeit zu speichern, kann ich Ihnen ein rsa-
Schl?sselpaar des Tests 16k schicken, das Sie in gnupg importieren
k?nnen, und sehe f?r selbst, da? es nichts ist, das Sie wirklich
vom Verwenden profitieren w?rden,
wenn, nachdem Sie es versucht haben, Sie noch Ihre Selbst erzeugen
m?chten, dann k?nnen Sie das ckt programm erhalten
ist hier ein freier ?bersetzungsdienst zwischen englischem und
deutschem, und ich habe es f?r die ?bersetzung dieser Anzeige
verwendet, die unter
http://translate.google.com/translate_t
erscheint
so wenn der Deutsche ungenau ist, oder klingt,
tadelt sie bitte dumm ;-)
gutes Gl?ck,
vedaal
lol,.. was sieht man hieran? ?bersetzungssoftware taugt einfach nichts....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cam.vcf
Type: text/x-vcard
Size: 449 bytes
Desc: not available
Url : /pipermail/attachments/20051221/85b118b3/cam.vcf
Aleksandar Milivojevic
2005-12-22 11:20:10 UTC
Permalink
Post by vedaal at hush.com ()
16k rsa keys are very bulky to use, and provide *very, very, long*
signatures (i tried it out just to see what would happen,;-) but
see no advantage, and have not bothered to make a another key for
security use, after trying the test key but if you really want
to try out of curiosity and then be done with it, it is compatible
with gnupg
My previous message somehow didn't made it to the list. Anyhow, I can
only confirm what you wrote. If you want to play with 16k RSA key, one
way to do it is to use "openssl genrsa -des3 -out long.key 16384". You
can then create self signed certificate to play with. It takes
somewhere around 13-14 minutes to generate 16k RSA key on 2.8GHz Pentium
D. On slower machine, it can take hours to generate 16k RSA key. So
have lots of patience when experimenting. Very soon you'll realize why
nobody uses such long keys. The 4k limit is there for your own
protection ;-) If you really have tons of time to waste, openssl will
allow you to create even longer keys (why not try 262144 bit long key,
and let us know how long it took to generate).

From the security standpoint, more bits do not buy you more security.
Having 16k key or 2k key will buy you about the same security. It is
not all in the key lenght. My opinion is, just use 2k key. It will
serve you well. I generated one 4k key some time ago, and have almost
never used it. Looking back, that was really pointless thing to do.
Atom Smasher
2005-12-22 12:46:51 UTC
Permalink
Post by Aleksandar Milivojevic
From the security standpoint, more bits do not buy you more security.
Having 16k key or 2k key will buy you about the same security. It is
not all in the key lenght. My opinion is, just use 2k key. It will
serve you well. I generated one 4k key some time ago, and have almost
never used it. Looking back, that was really pointless thing to do.
======================

to paraphrase bruce schneier: what's more secure? a fence that's a
thousand feet tall or a fence that's ten thousand feet tall?

that said, computers keep getting faster and attacks keep getting better.
back in the early days of PGP(tm) a 1024 bit key would have been
considered bigger than you'd ever need. history has shown that 1024 bit
keys are now generally considered the smallest key you'd want to use, and
may not be "safe" over the course of the next 10-20 years.

the thing to bear in mind, though, is that a 2048 bit key isn't *just*
twice as strong as a 1024 bit key... (according to my math, please correct
me if i'm wrong) it's this many times stronger:

17976931348623159077293051907890247336179769789423065727343008115773\
26758055009631327084773224075360211201138798713933576587897688144166\
22492847430639474124377767893424865485276302219601246094119453082952\
08500576883815068234246288147391311054082723716335051068458629823994\
7245938479716304835356329624224137216

a 1025 bit key (if there was such a thing) would be [merely] twice as
strong as a 1024 bit key. a 1028 bit key would be 16 times stronger.
compared to a 1024 bit key, a 4096 bit key is stronger by a number that's
represented by (about) 4624 decimal digits. since no one has publicly
broken a 1K key i feel pretty safe using 2K keys for everyday stuff.

also, anyone considering huge keys should read this section from the
diceware FAQ - <http://world.std.com/~reinhold/dicewarefaq.html#128-bit>
and remember that breaking a key is the hardest way to "break" pgp...
there are a lot of easier methods, such as key-loggers and spy-cameras.
--
...atom

_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------

"What sane person could live in this world and not be crazy?"
-- Ursula K. LeGuin
Roscoe
2005-12-22 20:34:27 UTC
Permalink
Well, I don't think the difficulty of breaking a asymmetrical key
doubles per bit like it does for symmetical keys.
vedaal at hush.com ()
2005-12-22 05:58:23 UTC
Permalink
Christoph Anton Mitterer cam at mathematica.scientia.net wrote on
lol,.. was sieht man hieran? Übersetzungssoftware taugt einfach
nichts....
i must agree with you *completely* about this :-)))

i just translated the german translation back into english
using the google translator program

and it was nothing like the original english message at all

i didn't think it would be *that* 'bad' of a translation !

sorry for any confusion it may have caused to the original poster,


vedaal



Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485
Aleksandar Milivojevic
2005-12-22 12:41:20 UTC
Permalink
Post by Holger Schuettel
I've any questions. How can i generate a keypair with size more than
4096 bits? I've a RSA key from my friend in my keyring with 16384 bits.
How is that possible?
Your friend probably used some hacked code that has limit removed. Anyhow,
generating such a long key isn't going to buy you anything (other than people
making jokes about you). The 2048 bit keys are more than sufficiently
long. If you *really* want long key, use 4096 (you are not going to be
any more
secure, but if it will make you feel better go for it). I've one 4096 bit key
that I almost never used (the ones that I did use we all at most 2048 bits
long). This includes both PGP and S/MIME keys.

It would take *very* long time to generate 16k key. On my 2.8GHz Pentium D it
is very slow. All operations on such a long key would also take a lot of CPU
cycles. See for yourself:

$ openssl genrsa -out looong.key 16384


----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
Johan Wevers
2005-12-22 16:24:15 UTC
Permalink
Post by Christoph Anton Mitterer
- And even from a cryptographic point of view this wouldn't make sense
(as far as I know), as currently hashfunctions are the weak point of the
whole system.
That depends on what you consider important. Hash functions are only used
for signing; for encryption, currently the 256 bit algo's are the strongest.
--
ir. J.C.A. Wevers // Physics and science fiction site:
***@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
Christoph Anton Mitterer
2005-12-22 19:42:39 UTC
Permalink
Post by Johan Wevers
Post by Christoph Anton Mitterer
- And even from a cryptographic point of view this wouldn't make sense
(as far as I know), as currently hashfunctions are the weak point of the
whole system.
That depends on what you consider important. Hash functions are only used
for signing; for encryption, currently the 256 bit algo's are the strongest.
Yes and no,...

(btw: The strongest has should have 512 (SHA512), or am I wrong?)

It is true that you don't directly use hash functions when encrypting data.
But you need it indirectly too.
If you encrypt to another key,.. your implementation is going to check
the validity of that key (either you've signed/certified it yourself or
via some trust-path). And these certificates are "bound" to the hash...

Ok,.. you could argue that one use its key for local encryption only,..
but perhaps one should use other tools for that task...


Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cam.vcf
Type: text/x-vcard
Size: 449 bytes
Desc: not available
Url : /pipermail/attachments/20051222/dd0e65a6/cam.vcf
Johan Wevers
2005-12-22 17:30:27 UTC
Permalink
Post by Atom Smasher
a 1025 bit key (if there was such a thing) would be [merely] twice as
strong as a 1024 bit key. a 1028 bit key would be 16 times stronger.
That is true for symmetric encryption, but not for the algorithms used
for public key encryption since the attacs on RSA and ElGamal are better.
--
ir. J.C.A. Wevers // Physics and science fiction site:
***@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
Ludwig Hügelschäfer
2005-12-22 17:40:54 UTC
Permalink
Post by Johan Wevers
Post by Atom Smasher
a 1025 bit key (if there was such a thing) would be [merely] twice as
strong as a 1024 bit key. a 1028 bit key would be 16 times stronger.
That is true for symmetric encryption, but not for the algorithms used
for public key encryption since the attacs on RSA and ElGamal are better.
That's true. Even considering a brute force attack, 1025 bits is in
average only sqrt(2) better as 1024 bits.

Ludwig
Atom Smasher
2005-12-22 22:59:57 UTC
Permalink
Post by Ludwig Hügelschäfer
That's true. Even considering a brute force attack, 1025 bits is in
average only sqrt(2) better as 1024 bits.
===============

so, does that mean that a 2048 bit asymmetric key is (only) this many
times stronger than a 1024 bit key(?):

13407807929942597099574024998205846127479365820592393377723561443721\
76403007354697680187429816690342769003185818648605085375388281194656\
9946433649006084096

??? sqrt((2^2048)/(2^1024)) ???

i never studied higher math, so apologies for any confusion that i'm
adding to things.
--
...atom

_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------

"The real truth of the matter is, as you and I know, that a
financial element in the large centers has owned the
government of the U.S. since the days of Andrew Jackson."
-- Franklin Delano Roosevelt, November 21st, l933
Ludwig Hügelschäfer
2005-12-23 01:45:08 UTC
Permalink
Hi,
Post by Atom Smasher
Post by Ludwig Hügelschäfer
That's true. Even considering a brute force attack, 1025 bits is in
average only sqrt(2) better as 1024 bits.
===============
so, does that mean that a 2048 bit asymmetric key is (only) this many
13407807929942597099574024998205846127479365820592393377723561443721\
76403007354697680187429816690342769003185818648605085375388281194656\
9946433649006084096
This is something around 10^156. This doesn't match my result below.
Post by Atom Smasher
??? sqrt((2^2048)/(2^1024)) ???
Exactly. This gives for me 1,84467440737e+146 - please correct me when
I'm wrong.
Post by Atom Smasher
i never studied higher math, so apologies for any confusion that i'm
adding to things.
If an attacker wants to find the specific primes whose product make up
the secret key of the victim, then the the primes are usually around
sqrt(keylength).

Ludwig
Ivan Boldyrev
2005-12-25 04:48:56 UTC
Permalink
Post by Ludwig Hügelschäfer
Post by Atom Smasher
??? sqrt((2^2048)/(2^1024)) ???
Exactly. This gives for me 1,84467440737e+146 - please correct me when
I'm wrong.
(2^2048)/(2^1024)=2^1024

sqrt(2^1024)=2^512
=13407807929942597099574024998205846127479365820592393377723561443721764\
030073546976801874298166903427690031858186486050853753882811946569946433\
649006084096
=1.3407807929942597e+154
--
Ivan Boldyrev

| recursion, n:
| See recursion
Ryan Malayter
2005-12-27 01:56:37 UTC
Permalink
Post by Ivan Boldyrev
sqrt(2^1024)=2^512
The factoring algorithm with the best running time is still the GNFS.
See http://tinyurl.com/dlyl5

GNFS has a running time of:
O(e^((64/9*log(n))^1/3 * (log(log(n)))^2/3)

When you subsitute 2^(keylength) for n in that equation, I get the
following table for RSA key strengths and the comparable symmetric key
length:
RSA Key Bits Operations Symmetric equivalent
192 1.92821E+12 40
256 1.11356E+14 46
384 8.09434E+16 56
512 1.75249E+19 63
640 1.78448E+21 70
768 1.0746E+23 76
1024 1.31176E+26 86
1536 1.30666E+31 103
2048 1.52656E+35 116
2560 4.71401E+38 128
3072 5.77594E+41 138
4096 1.28186E+47 156
13568 1.28393E+77 256
--
RPM
=========================
All problems can be solved by diplomacy, but violence and treachery
are equally effective, and more fun.
-Anonymous
Johan Wevers
2005-12-22 17:47:32 UTC
Permalink
Post by Johan Wevers
for encryption, currently the 256 bit algo's are the strongest.
Please don't mix symmetrical encryption strength (I suppose you are
referring to the session key length/encryption algo) with asymmetrical
encryption strength.
A chain is only as strong as its weakest element.
Indeed. And the stmmetrical algorithms are currently certainly not the
weakest element. A symmetrical algo with no better than brute force attacs
and 128 bits is comparable to a RSA or DH key of about 2400 bits. The 256
bit symmetrical algo's are of course stronger, I don't know how much
compared with public key strength. And anyway, because breaking the pubkey
algo allows one to read all ancrypted messages and breaking the symmetric
key to read only one it makes sense to try to make the pubkey algo the
strongest element.
--
ir. J.C.A. Wevers // Physics and science fiction site:
***@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
vedaal at hush.com ()
2005-12-22 22:04:48 UTC
Permalink
Message: 4
Date: Wed, 21 Dec 2005 22:12:03 -0600
Subject: Re: Create key's over 4096 bit ????
It takes
somewhere around 13-14 minutes to generate 16k RSA key on 2.8GHz
Pentium
D. On slower machine, it can take hours to generate 16k RSA key.
So
have lots of patience when experimenting. Very soon you'll
realize why
nobody uses such long keys.
even after it is generated,
it takes much longer to work with,

the signature block alone, is 44 lines !

here is a sample 16k v4 rsa key pair, with rijndael 256 as the
preferred symmetrical algorithm,
the passphrase is the same as the keyname: rsa16k

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.2 (MingW32)
Comment: 16k v4 rsa // esca // aes-256 // no subkeys

mQgLBEOqMIIBQADOLnatcT5OkI4Q0WApTbqZ7DULalwwzHmnY+HhZKSDTJIAdJ5L
W1IleD88aqplyHQJz3E8t0BSsy1AAQjX2xXK013a4RA89gDUkgAFgSr1bN3hgXWR
2du+jVH4HGtsCQi8gzIOwr25WKlPm9PpzdnBWYWuR5F7xnbUtY+zvm+mWItrlxTK
Og/qsJZhqUJtVWHvsAciK7N9tfhYQQh72q3nrEaNpPsy7+8d0Aw5gpyvyrDEP8Sh
jPCVi3A+TPKJ2BvoBNIusblV3Lqta+PQtP6/Jah4bimEdyxWN617YdU0MGovEhDz
8K91DxEUtyyAiKWxuqE7XnkZzyb8jXHzdHN2H0/bsw782Z7V18rDwaRGXibTEDea
u7/22Tnlc7+Rqu59kemvu02t4thVQSvUvcdV5Zi0HB1j8ZHXH15ywwzwdl2jZQCL
2vedNj0I5ZfvZ24tDWKwzwG3QgNNEBYJLdodQkwFmmAX4SgAqqZkfSGDhSzmrbBy
+7qkFs6WA/fRzg6wenjhSDoy8Ekphm/1E73RUct8Hu/uhtWYUvwF8UbmGx2dPwIO
mNYbdAur8BWEfcztlez1zst+wTq8dZzj9VY8eTalcEJE0hlzJuPYm4UytpkcOXye
g7tk/0Z51YBaS4oPLY3CPRt/36AgYGutAc5FWM7KfNh4EVI3eofO4ZModeiT3CI4
b4Crswbn0hP7Pz4LzpTd6pxsQ8awzMxQzCdpIPIazjMNzsEdh2DD/l2AREkEas6+
zIZcbvGrtPt6kc/xwJQIzR+7KwFw+7kce0314cbRDd6AG05B2Shki6HNOLnJmzje
qfXVN8dUZcl/qrnv6oGo02x5xTcLVw4gjYcr9DrGh3JZNLeUSTcQefu5cnHu5ZeX
Gtt7d5oMQNZAC0kji3gJwZ1ZyPsz/jKpGo9/m8XxvOgabU344ONYXb7Rp/etJSbg
0wfVOJbYPB7li/dsSaKjmIEh6HJ95Uv/Fjy0/8YwJAp2Citpc+yAWkXqInj7jxs0
PcpaJmJDP0clWM+pBlrvyGilzRSBiEcSjB3rBeLmLNO72fxXCBEdw97A7TxzFKci
Nai4UMRzbMPqT7sUI5wZPcDkcFV0o1+N8TjUKQUuU7pkv5Wc6/sIgZAh3ZPDhifz
iYVyXH5fzIjYkuUbVPo0pG9pP51XQqC/ickSlF695cIbDP2kksx52kz64X9jmb9Y
0bySoGBTfuHmpNfnoghIaABGFi93frTk6PXGLtfci0PROL8qWr6764ySjzsbzSl/
PEUaTEt3gtDdy9QI7hsDDuyOuNsKI+wumHdMtwsoktgZGUwW8wLcyRjFhmgR0IYq
V/SYzyBarhAcVgcAI/YQFqJGgEf+PHGro9r5o9xx/lk/97YZbZr/jAUt63Rj8VNe
qBFgi0BnnoAQvG1jLVtt3ZEq5y66HNamViT+i2YJGP174BZqQn1cP8wllz1bWK48
2IF+Ib8TCQIYTuA3ISsNjvG3hyE5tmmLjWrZoyoKpEnRpCtARC+wV9p/raizscK7
5yGxXiXb0vVVqs3rzDvV5AhHfiAJ/SFvev9yCe8M9edufNXr8FQOGN/iCmy063WG
0uR/bJdAsk7EyYfHpXYAURsvUjq1g0Ou9SDk/zjCSu2Jt2PoMjFSlpAxhgrHTxFZ
7UTyxngnAa/FEb9IOqipj9miaWriTOd72CI0IQhWEOHTHZgQUX+7aQgGGz058++H
BJXqWcuvyxik9MRKc/w/vYdnhayN1sFs0fAnWAZ7Xkqam3IX1SXV8U4aJVrb/ioJ
VjD3p/SfIIwlXXHxhVYiS6Bk+mpKbWEU2Cez8l9/EmLpVT1Xqfor182asSH5waf1
xIvAlKI0KQm6X3+jqu65TEJ/u5elMhSK6WHClOREHo1v2l2S8QGOHN4gZ7JbktYQ
DGooE4BD6j+MBEpN60+vVxRJKoOHFfLSUSrlPzktPj23W3uztDYVmkJdY9kldY8F
1f/yKGwbUrwJzx7ZnxXb1tJYO1dE4Qin9l1+tawfhG6uk+smjZWsnLupAhUYQRwH
nNfpluhWI0rJTPvTP8dLUEA/vvXd6QZTkbu503eUPidiuetrmy6fFYqPfDMnn4ll
AsKOoUqFUATXMKyNd2SZgWuSMhv6f2ZMyzOsDWfnJrMrGD6pKfirgVxJDhG0a5AU
leNZg8r0ByAd1F8K/HViuUlIvV6wq4VrPJ1FEFj5fqBnL494swcmshnVbvR6+W9K
Vz3zhcogl6AArxhIaxGLDhCj8zzrleS8eeUMX8XuiYCqZvE++qL+5gk9bq018X0Z
qf4vVPvbJglBPR/t8irfSxeZGIgqFS8LpIlAMnuBf5uUNRKg+t89IuKy51PXQcFz
FYWreBl0PuC31oAlEfw4SC/aJsLufCVfZqAbSFjWof60ImsHNDTB4ld75P+EyYSf
D53iyrVHCmz9cZ2yA7KSC7ZueDx9oeEat44fqG4o4KyX8FWo6pqfCRuW83qKytyp
1D8cZu2TWQ5Oj+bH/Im6rty5QNmnrScBEyFp9WI7qQUiqp4afIVazfXE0R91fPFl
a+1AyPP0azubyoYceIyG3pby4B8sj7rzmMhzr+VtFiwicFOqiqOecCD8+jLd8aJa
6TT9HXtxlah2HYRZ1zRN7Z6ZGL5/kRqvDxg2Nhs/ahAuXIW74E0fSIEjRxtKVW/Z
TUCcVqgxpEMDJuqwqLafguOAHtxdo0DZ7zTcmvSIrf2BMLY7zIMHwyghAQAFEbQY
cnNhMTZrIDxyc2ExNmtAa2V5LnRlc3Q+iQgpBBABCAATBQJDqjCCCQsJAgoIBwMB
BAIZAQAKCRADNte/5clRO5PfP/9XjdOB+WvrhnX2hJ3QAJ5YcDQzvNIL3xpXHbLH
lhKplMxtYUInvNOuw5Zl6ei5eOY+Um2lJiJQ25nZPTCnqLE8g3S+hA7H+TiXubzr
idKAB10aBXao5N+CA2ManVSdOocjR0CTM8CQ1kBY1qt+0j+oPsK5SapX9QY2FNKr
8lsJ/QQWST/hVGzwi62873BQcpQCfZJH1o+I3m1brhGmNcPujRO2XbUBO7mP9KF9
dZQL6faRC836Pp+g2mmVSYWkJKGhS6wqY0fhg3iJi4ySMHF/wlQi5bxhrDM9uUK6
l+puKeT0JOnAjNMoQqGjsAgT2TENxUZEDwDJAt0bgfP3Oi/q8RZlPN3mvwyrJpRa
a+lfH3wa2NaaD2fmvlwi6cEhArQaDn7uHe5ZAoaNFRMDweAnALTHaEzrdNZF/Zwx
CONxFuns79thVT/dvnES/o7MetWRif4mIwNwEwFp/PHpuaJs2NgabmJP2rNODQYt
NDjrsyu+rhQfVSqbAy7e3hVvqhJpdUc2fL6N85+AX6CVaasGh22YqiDKkr6STVxJ
fnFCeeRShiFW+dsaySJxv4ooweLihyciIHEcsFuEypoMYqvT/IHmTLeP9ZRsMzuW
lNFD8KnhtPLyiqAUL2X2lWxCGV1mcj/jqXdMidnJ2mNGUsnFQin6EMM0lCMs3nmx
cmK7pPKeYmyFAC+n3XLSMTuqm3u0VHuQd/pcTpNRA0yaJL91w8nEwdRRGudOyRZE
UH13oJkI6lEaQq60yuGvGZZrUilqLNQQ+Kuk4psyVgG7a28zn7UpWSuSHeipR/0d
rIZAL4duATFQI8o8StxwG9xR+NA4HdBcGGEtGSXsi1aRBL9JsnaX/S3Cnt9Xaupv
Oebg6rz1akeobXZBzbzlLL33rZo3VO3mCJ2X4uexCCV0Dx0BQu5TJMwSHW2kCwnt
fvJlcom0deL3G2WwPitEh2KNu7f5fOEWhg7balu5HROwexzCOGk6chaikaVjpnMd
kfcPoafZhQalJGq+H6tVRQnFVDdHJsESSu1P/Yi1pSjmvBKnSCGfPiJnJYn0FoUR
RHP5vL+cwqf5ZAPifOS7ONITWe13/dz5mKr4G0kteWCyMwor4Y8jpuYHvXmx9s+f
CKmOqSD97Bn7Bnu9Qx0x2RWjVadLdLZt1/dP0UAnqlcKRKW38u0dQFdw/PuYJnIP
26rHXyY7/UHPiR75NUA9xT2z7Szy2lMdHDGb42ZyX22bmGoGMv7mtwc00C1LwMFW
To/ZUYWuyzihwVN4r+/X3b9cXI6ciC4YxpDdEBGvXO6PCjBINArvxt1xjL0W/2V6
RpcurPADcDiFjgfcybSwvwHxGqnJT1gVH5Ese63P0isAzxTNwrkdTBa0GsHmTB77
Yksu7egNbAhYhVKF0z55LLXkywc7Agqt0kcLNexfPXDlJT3H855pO2rfsqolVR4Q
RS/pVB1IooLL4YtukNQ7RwXSCVAdrI07N/ny98GGYZwQ+ChzMDjftLaFU8z2GSQ1
APs4A/ClSYqvqqKzOwFiUK2Y+zhleKZB/uAMgEx6vGcGTIebZ4ltEO/avS04Kz9L
jCnE+idBfrVCpG+okT+MEi8V+lXIcRqutFX5Vqe3i0mzCb9QdvO98bbJgHrkKEST
GQudX0ZlYmVcVMg1GVpfI0COfB0kYGLyBxIbGfftIniSqjIn4RjaCg3N5QgOBjhL
2BKnT3bp36k/sg4CsWi0bxOiRzCmgkbyOHdwaBagOuI/ecmU0jcBaegUl+HBY47L
JP8VwSMuKP3wttFjKwOezK7QCvxVlIFNPyC/5w4u2ulMecKbg1SQh1/8LD6/yJ9H
Kp+tP7oRhPPQKwf2wsUv2FAvLZkrbGr48zVVQhU9GwJJXFC3pkRJY0D0iai6qSEn
QPJsd+km8uk6K+iTX0v+0nwvHQzxGBQDX1GZZgLg+NH4zDKaP2adMnvqy3sCUQvg
A/OBJNse+NphittKRRy/GAmSz0bz0mfgHZIcFlRdeKVB0IjHq1h4QB+r6mxX/6n6
CfJreVLP5XyQfUt5AIkxd7CtQtKZxKeHIHKSnBwijySQ0co2GgQgYkncg+RG8eIU
voiLFPhvhFYB5WAMsmWz4wtX2GUV9pBVfjX/NJ/CnlP8qJ4eE96P6nCohuRESpsw
/4FY1E4UOl1YPZTaKPi8QCrya8OpzbBcUfmN88ebIuPM2bn2zBZn932ALfLX503N
KZ3dohFJ6/oqKNmgLW6Z2fSwf32fHVwMgH02VFG/r7e7grksbJ6KP5AmDa5NURIK
Q5X+pfrm6gimABLZ7sciBHrm06IRi3LDyKeAJsiv9tT2e+weW6PVUK/RlOfpK5h3
1dGY47vNSePL7wW99yXlAIu++AayUx2SliL6EtEwftPbeUHVCpetUyICd1wypOk7
gMF9cWWl59MaBOLDS3X7geCzP5q5Jy6tF97Zl0WTom0NAYF0bUGr9J0LEj8No/1t
6cOPn4mtZrRgs771RFTWosKOrwqpSQS/LYAPhRneTQJXtuV5Gk6RkITB6/CTkXWw
7u4vWXVkAaSBIobVac8nKSCvgcSY42Qp5jFLfwYVOOl0nnxHdjfi3smqNdhBeXRh
lQcGqBiTFvW2dEoFuptqseqhdGNMWund1OZXl+NDTKXEvZnx/4n1cUFAR0wmtUwM
V+xciOOBCDVQ9GNyEOO0ExQcji6VQ8L8wpDQJaZcxDsTXptFUMSXcjws/woAv/Td
brCk/g==
=tCtI
-----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: GnuPG v1.4.2 (MingW32)
Comment: passphrase: rsa16k

lRxEBEOqMIIBQADOLnatcT5OkI4Q0WApTbqZ7DULalwwzHmnY+HhZKSDTJIAdJ5L
W1IleD88aqplyHQJz3E8t0BSsy1AAQjX2xXK013a4RA89gDUkgAFgSr1bN3hgXWR
2du+jVH4HGtsCQi8gzIOwr25WKlPm9PpzdnBWYWuR5F7xnbUtY+zvm+mWItrlxTK
Og/qsJZhqUJtVWHvsAciK7N9tfhYQQh72q3nrEaNpPsy7+8d0Aw5gpyvyrDEP8Sh
jPCVi3A+TPKJ2BvoBNIusblV3Lqta+PQtP6/Jah4bimEdyxWN617YdU0MGovEhDz
8K91DxEUtyyAiKWxuqE7XnkZzyb8jXHzdHN2H0/bsw782Z7V18rDwaRGXibTEDea
u7/22Tnlc7+Rqu59kemvu02t4thVQSvUvcdV5Zi0HB1j8ZHXH15ywwzwdl2jZQCL
2vedNj0I5ZfvZ24tDWKwzwG3QgNNEBYJLdodQkwFmmAX4SgAqqZkfSGDhSzmrbBy
+7qkFs6WA/fRzg6wenjhSDoy8Ekphm/1E73RUct8Hu/uhtWYUvwF8UbmGx2dPwIO
mNYbdAur8BWEfcztlez1zst+wTq8dZzj9VY8eTalcEJE0hlzJuPYm4UytpkcOXye
g7tk/0Z51YBaS4oPLY3CPRt/36AgYGutAc5FWM7KfNh4EVI3eofO4ZModeiT3CI4
b4Crswbn0hP7Pz4LzpTd6pxsQ8awzMxQzCdpIPIazjMNzsEdh2DD/l2AREkEas6+
zIZcbvGrtPt6kc/xwJQIzR+7KwFw+7kce0314cbRDd6AG05B2Shki6HNOLnJmzje
qfXVN8dUZcl/qrnv6oGo02x5xTcLVw4gjYcr9DrGh3JZNLeUSTcQefu5cnHu5ZeX
Gtt7d5oMQNZAC0kji3gJwZ1ZyPsz/jKpGo9/m8XxvOgabU344ONYXb7Rp/etJSbg
0wfVOJbYPB7li/dsSaKjmIEh6HJ95Uv/Fjy0/8YwJAp2Citpc+yAWkXqInj7jxs0
PcpaJmJDP0clWM+pBlrvyGilzRSBiEcSjB3rBeLmLNO72fxXCBEdw97A7TxzFKci
Nai4UMRzbMPqT7sUI5wZPcDkcFV0o1+N8TjUKQUuU7pkv5Wc6/sIgZAh3ZPDhifz
iYVyXH5fzIjYkuUbVPo0pG9pP51XQqC/ickSlF695cIbDP2kksx52kz64X9jmb9Y
0bySoGBTfuHmpNfnoghIaABGFi93frTk6PXGLtfci0PROL8qWr6764ySjzsbzSl/
PEUaTEt3gtDdy9QI7hsDDuyOuNsKI+wumHdMtwsoktgZGUwW8wLcyRjFhmgR0IYq
V/SYzyBarhAcVgcAI/YQFqJGgEf+PHGro9r5o9xx/lk/97YZbZr/jAUt63Rj8VNe
qBFgi0BnnoAQvG1jLVtt3ZEq5y66HNamViT+i2YJGP174BZqQn1cP8wllz1bWK48
2IF+Ib8TCQIYTuA3ISsNjvG3hyE5tmmLjWrZoyoKpEnRpCtARC+wV9p/raizscK7
5yGxXiXb0vVVqs3rzDvV5AhHfiAJ/SFvev9yCe8M9edufNXr8FQOGN/iCmy063WG
0uR/bJdAsk7EyYfHpXYAURsvUjq1g0Ou9SDk/zjCSu2Jt2PoMjFSlpAxhgrHTxFZ
7UTyxngnAa/FEb9IOqipj9miaWriTOd72CI0IQhWEOHTHZgQUX+7aQgGGz058++H
BJXqWcuvyxik9MRKc/w/vYdnhayN1sFs0fAnWAZ7Xkqam3IX1SXV8U4aJVrb/ioJ
VjD3p/SfIIwlXXHxhVYiS6Bk+mpKbWEU2Cez8l9/EmLpVT1Xqfor182asSH5waf1
xIvAlKI0KQm6X3+jqu65TEJ/u5elMhSK6WHClOREHo1v2l2S8QGOHN4gZ7JbktYQ
DGooE4BD6j+MBEpN60+vVxRJKoOHFfLSUSrlPzktPj23W3uztDYVmkJdY9kldY8F
1f/yKGwbUrwJzx7ZnxXb1tJYO1dE4Qin9l1+tawfhG6uk+smjZWsnLupAhUYQRwH
nNfpluhWI0rJTPvTP8dLUEA/vvXd6QZTkbu503eUPidiuetrmy6fFYqPfDMnn4ll
AsKOoUqFUATXMKyNd2SZgWuSMhv6f2ZMyzOsDWfnJrMrGD6pKfirgVxJDhG0a5AU
leNZg8r0ByAd1F8K/HViuUlIvV6wq4VrPJ1FEFj5fqBnL494swcmshnVbvR6+W9K
Vz3zhcogl6AArxhIaxGLDhCj8zzrleS8eeUMX8XuiYCqZvE++qL+5gk9bq018X0Z
qf4vVPvbJglBPR/t8irfSxeZGIgqFS8LpIlAMnuBf5uUNRKg+t89IuKy51PXQcFz
FYWreBl0PuC31oAlEfw4SC/aJsLufCVfZqAbSFjWof60ImsHNDTB4ld75P+EyYSf
D53iyrVHCmz9cZ2yA7KSC7ZueDx9oeEat44fqG4o4KyX8FWo6pqfCRuW83qKytyp
1D8cZu2TWQ5Oj+bH/Im6rty5QNmnrScBEyFp9WI7qQUiqp4afIVazfXE0R91fPFl
a+1AyPP0azubyoYceIyG3pby4B8sj7rzmMhzr+VtFiwicFOqiqOecCD8+jLd8aJa
6TT9HXtxlah2HYRZ1zRN7Z6ZGL5/kRqvDxg2Nhs/ahAuXIW74E0fSIEjRxtKVW/Z
TUCcVqgxpEMDJuqwqLafguOAHtxdo0DZ7zTcmvSIrf2BMLY7zIMHwyghAQAFEf4J
AwLkUf+nITYPpGAbWRMynwTX6h8CNrvNPB7SOpwmc/nn8YgPzhcs52FacPpUMEvP
utgg7qyfXbRmLVWwLUMlEddwzm8FrzPIuSwgA+g6qeiNBO/r46mrPaVz5jRnHc2U
HGmBhChruO5tT8So7C5mTen1EsgKcYKAkY3IgmKBnE4K7Xs1olKLGEed+/o4fm38
TWD8kCU19G4lKgL2jhw822VGF7rdaRkaVAFxzQTKTnYx+M4fjO8e6rnAcVeo+6kG
xXkZK2JsT0dfHLT/C+5tUIPYvWn7zZirPFp80CXh+NobA8ruKZqZShjY2afVAedG
pDscjoRr0SnLeqMelAMDxN+5VbWXzmAub9vrlrMa0NrVFTfihQWH8T48RFM3YYKb
wEP4niXiGb4fq/jT+GYfiKij1tUNgqky9oLnw7+ZqJlvDy+QfRkGkQ1NF6JdKEyK
ZlcAYGKacxQ/O/3CyoQhLW8VoKtUOKFVineFiDDseguaLkHsoAV6VyTVn8HIIjlK
rpKtamPsj5raZz6u+pyGM+zPMw5yfg7xMwFodJnVuKQAPGAhdmK9zLvABhzhg4Bq
sY6DCFZygCbTQOvM5bR4Af1MzGAaHyaPEUYGAd9ivbjixWc2HYg+h/92w7K+Wxmf
RMGXPUr2WYHowfqS5DQqv2WrJSxDzBuQ1NxBUyP8uaZtAllkbCpjwoz3CICpNRdI
8j/Q/rDlBhfQnD/4nCqy2RTo0Ff6PeL87sqknr/pSEiSZc+fNd9Vlv3PR/Q/rLca
EuRkqLN1gRAUMBn/xX4lm1rmITtygVm2kSF4Hw4zL7OBXPZLtkCDhjEBD3gGKRRf
EL07v9l6U9Ibl2uEhzulOObEsdbkIuUoepVFz0Cy5eLtHVs1jBykpaZTXZ+h8GzN
A97U+/NZcWlYKDT9582p/1XEwb+MnG71K9LfGtqJAVAfZ4j8XZWzwx/6t3UURPk7
nvpUODtGbn6D+8snIgcfFDvRIEHjfJREKLMVc6+E6FMWjRXxmKUol/kQJM1oS9wv
jLc3GZQZqQstmN4jApgWzgFa4kEOx4m7Aaw2GES1nPEzyuazEl/JJS7upS2T2hdo
gLLfIaYlKhYpi6ZyQLYc7QnaJjxPzk45SrqATpimGCBH5iRaWHJM6UiEYG3TOMmE
tFmpNpsBoVkuzwF6yPmhsqBBGRA9ZEQyRpCPsL2iBZZfp21u9DsSnB5icB2cNnT6
EYRYx4hM8qUqw3LoziUFuHlUlx+CRXYBoh0tWVo8Fb58EL1QtZ5Oqi7PQuykt650
x1aJ9DufTFgWSDlG7XMWiH+ilmPKVs1cvBk453kVpTEgDpybHr5PbH60JhEmKwwr
Qm5E3/0hNHhtq9nsC5xTBf0sNsQ8JRpn0iwsysKBmyQ+0w1fTpRUjun3NRqndCZJ
A9ITKUNdgDaUvblkPSLAyEtiz32Nvp3B7X7QHxMAW7v0teiZUni8YyQNKBiPQg/e
zXgodBRk7rspsHZVfitn1nbjyRYCoSx1FlbjmnOOStCZq9JR/N9NJF/bTkCPY/8u
oOOxWD5Z62GHLbTm38FwWPoflHRfL0roopCSyCYKpQ4uL3ZvYsm6qbjbD23ngx+s
rFjacwSOTnqyCqhvlClfh4sKJmRjNEg2+YzTVKzfPVz6XK/lILXbfgYds72PCgBQ
ple/bCqLaS8WRd+Py916uf036ysinJ6fX5jL2iqd5sFGAx8aTqsNycZVma0w3PX5
SyvxEN2INZbDRAKzq62957tBFpdscDbu5clL+eZOR+2bCJ55zsiRpS/h/0ci25yN
UfSAACMM6uN0tbA8xUmE6lTakmY+aTuH29l/+WlogtT3JATE3Iy8uR51v9F2UTnu
1jx31m3mFfjFvKKYU70PTXrzzxE/xLbfKjqsIZlWh6Pqw+pxHz0nQ/qfd6rHopIi
rYeZbCMhbsMWI9ctSl6ukMzot02Y6jz6M2EDZm0AEVxT1xDJKZxAiD/MO72gc+ca
buJ0WTdP/HUoWJqddFuw3/CRqLxHiI6havvORaAkW68Dj+vf/aqdpvmbnst24jZe
i6qdynZNG19xZmTu87ZyNZkapEuetJHvPKwabtRcTlcPfutCYPhx7+zZQERCPtbh
Ho+9NTLOBbvTTv0/MfBa2j559nn80kiUlhasZ1dy16siUX7SYdR4N2bFTeKcWb5O
hewWiw1NJkcAgOwfKGSKECzlTE5ErJEsh4h9cwVT5B/14jIOd2brTH56oFHNmCWf
NiUuGAqnWH4hW3QgFX22fVynjoA/1+G7ewXYxw4LMCbMXadqjldGq6j2NLSfDjrw
7dsNKu0ZngLuqGuhJCPIg3HlkQPAaKY12p0R4Fcn9vejxmoukxtPizBW5OoRqrc8
eM6sRfYEbYgcbLu1D4ad0GTK5Laf1isXOIQNSM+/BLdih4tSNstvs2qU27+i3vXO
cU+EDCuG2LE4iuPb+KQv/U756S43Z1/babKgq2OVCm4RbFNSb/QWUW9jTZZ/C0hv
yZjev8PjkTlDkrmSDmDYO0QFDk4Q2VkNKtGj7NfAGeDaFN04mLfcNHcmt/Gdn3ZL
rO8TGtUjv0tB7j7a0fWvsjKy7REnQso+forGTcTSN9wJNe0vtEE1wWUQhpdM0ZEE
/p8JkRa6+DVCyxidIOA0fnPcyHpASi+oin/i79vBfRwWwxsh3yII5T3Jeoq4TRzD
6oi7vcLMxpOONxZ75ePOJDCt26Tl7NZAvic0nr5/B+DONxk/gfUshHXTOkdnwSd8
2KJZbKdz7O12Tmi1XXA2o2B1vMZUP3ihzdvtz3PK5eoTaAKNmzD3DGAw/ObCEXAO
AtAqbB59KjkKuecCAThwx45n8nYskVPKS7eRbQx7G4wfQtkV6838sQ2nxOpOka0r
r8dq+E8HDCfM0iC8Dj0MaYvaUwRK9fVJnJob3rHsSZGLhxV5MjUpbOflrfbMTKcq
bILZOtnOJaIzmCSPs+cv1az/h1BChsbd8oYPWJH6HyNOAToV5NJkECdAQA2kGIrM
ANcdFiSbzaARP1jvB0+801cfwETOCRsr2F4cDtY5gwWr40kI+5L66fxj7gDAqIBc
COuw7yRxrqDEAnODEAP28i48Fxo6V1QSF6kkmALNZt4qFb2RfVgrGr5ysKOfWDfD
trKKpgLVh6u/9PIfaWvjD+u425cEn79GhgDdd9U0IYSy5qPInilqM0QcdbYzF8Hn
C9saglJdxDpqIuDkkrkiSrGIcX71IW0KDgfSIzWVLyF2QTZk8v17+qKJOOrWkt+R
eMjMnOXBvb/XZSqc7Rflz8pTz5Aa2uqXzChLnMQbJaEXUD1m4GJWQypy3z+Yhsiq
WnbRS0ILMraPfShdNTa2OycmS+PQLGILd/fG36ibFsZBm8yqBHS0mJxgn8DDXcpz
o3d08W4LoPdvoWOBsi8ECM9FNxfegqaZMD+G4ZgCIEAzmh58CqI6MkNgdkYG/hOa
NeldXlYg+NHK1bYiMOUZlefixQLJ5HwhDrbMyDC0VIq7hdtWy7AEWYlHRggVjqQB
+8thJEmad/XX69PuXR6q7GfZtMpc59fD0W6m/cSD6QPPVhPfXD9gBvSUjMpTm4Gy
Y9OxgiJYHILNf4FxnT3lOixMQ/U2lDwe/3KN7L/Fbw5HFeuLtj6eKzFfMZZ7xzeb
vYSonDNpxQ5v2SXEW3Yn57L/6H+MpD9IFW5Wn9Cx2mLtxsm7TGMaERcF0PXN5hWw
Uvk8dehD/gu6n4Evv05ozzvqmHjIV8BjJHB6DYg7t63nE3e3lQ/UPQfhGd0QJhgI
VSMcLZTMnHJuOx9250pBrL15bJ1A5P8QkvAwGCp82UfY1UAprhKypd2ZFms2bpXU
7TABO+12/UuFFyO2BiFuIj+VwKqMSy7umCC6ofBGjvVh1v156XCUBdYmJ1uUdlzw
OFWT9jK1o59d+Yy3acf9lHBFVcjswRPJM55hSp04oZg0g7E59loWSGl7HfjpVmOn
BYDxlBgB3a9vX3P5vnAJxhlmuD2eKa7rTal+d5//KRL7s6ba8HxZ2/Clyi8wYgZf
+hMTNcK1FRE+nLnbVnOJQquzket9aNGVQDoR1EWJL3X+YQKXaggp8dcLlgoFzBgw
SYQZbUIlNzWSn1bQ+bFiDmfnQ8PrHqYK2xltOMhBvQhUul/6nV8Km7ZQ66jq6/lJ
A5dlfKuDVeOFFajXTVPvP/wK/fDz6/VfzteI4GE+4TSkG1l7YYGdr712dxHPtq3X
FnOk3LbW2OF1HTBCSwDUNv7BF7qYn+PkToZC4LtLut71BVyFLkA3No7pQpJ1HHOp
S90WfmoHAR7TF/M4AlyRaWQHZr96vDzOUbO7QmyYEispxeIdvt6kVKQVD7mtpSrV
Mdm/0MIEfJ6C0qYrwmwdqxFqLNLDO0DNrYLfD/DEuzIcqUrzHETB+n/Inuvu+zz4
jOkRGSwG4zDFSt64ofA1viau3wwZ/8bLr9TGGWVcdVdBHYzt+/4U1Em/0BILE2Q/
5DEgDrVRb03O9KeZe2itGfM7qBsd3HlJvp5VjD3Q85BHXwO013cFiNUt4A/XpJQ3
hdBkuYhjmk5v5vofIyyf0L/oHe7rz8ejlU0DWxLK9/KdGps44EZm1xOS0lSXuWwQ
2Biy9EOMJOXO/xmfqWog8MnVo2ocAN5nd1dXGKRnaIh1cOxqeP1a5Kz30K+l8C+x
asCWjzDksTiDsViiy8DF+HWK92QPg31iCz/lRX6n7F65JoBNyNw6D8UdrAVJPF8U
ts9j+W6mjss13aTMXNCzbNh1rBIRf6u+3mdj+thc5CKnKZb97ucvtVuTeFWImCpW
212uptmSacWHGR3cbPbTB25GR9YbsnQEvB0y0p4lF9gvfAPuPGvGiwq213CKjGfA
LS2A9ggfr9ZgkfU68pLBulGDzDdLcT5ski7sGFhSaSinT+PuqaMhEWPbkiG6DsN3
k3jIsZq76Z0tUtlmnaMnD+n+6WT1qN3OVIrsStiD3KNOnIidDXfUNfbDmesd6QPA
pJ7zxn16Nm+fHwhnP3CUeo+WOITV4S1fBnm4KmabQ1QBztaI08MOQN+tE3NqBZDF
GTMlSL/izWU2N/eBhOqwcX6uVOzr4ISUD4dbN6HmrHQ0q6lak4eZ2wwn5eVUjJ+G
fXGpL7J9R/vlXGsFf2IVE5lSz1ClMN3OXSLyAkCVuTpSr859vaZ9VaO+Lwz6kGSv
ac3hyplnyEZ1GgNizZIY2fEXaw1pGEHor1PToumKrym+PTzecl1D06rrXiARnUY2
ZMahZmVzru4mZ30UXc/7DfHUdoE8vnaAqpMjrKLAva6hj5kZ7tLMFrKWOhjerpz5
iM9g5ejloD+CRYfWO0rFuUZ2rw4+nfAJIBN9WvhtlR1wjgt/fyY9rkYloHbz/0uL
rqzHvmUVPUe96f5N9jr7V8p4cqPmBpq8YZefXSDoi2Iql3mhau3ilyEZNokCoD+y
Kksf5tI+7uy4HlEotD55vYFXGKmouoKZJvu492fY9LXzbu7LUmxptSPjwvFfpE6Q
kCxo5RAbImw+uqTwg5a5PzZLaSbLWqLzsZ7pYClJN7EaRhE8ZCy/QdM4hzOK5HOF
BCkIZYCiH/LJRYXQ5YBPOqfc2opr8x5jmoHNeEWU9qq/89n2qjvez1/OK8f8LZD2
FQY1WAutooTwuHsTwpaYc/1xQRMBPqPMVPkTi24caCPFqIr8qgKxl1eLDsm+6GjK
7gQJD3aMKTA5KHvIRWNejaZcAtfcsKeQmFh7UNeQw0qYMt4Eota40T2QVS6txqcu
3QowCNYe5cpVfwDNXkrWWBohP0UEMW/DU8Xk5SV//On1TCK1qgHtXXeuHvvQBb+H
QhDJO5LFo2ROotYPknlJV04znH5/ceSY7u82hxrJYhMZRbxV5adnCrFarA4AENRw
/rNK6Z7sTL6d3jufRb4HkSn3mixsP+HLEG9G2+G1YMTUPvZk4+EVS4+fdm+YaojK
b5d6HsTr7mauFf/PtwLOrCzAUJ6IQm9jY+p9HBMD/zsdtSJQ3MJBEoyDgPPHZuvb
NxXfuYTQSmQBWAmGm9S1Z2eEZa7vxoZDTJzGVBFjEdazGA5IMkeEoWDmPg8tRG2a
VucCVJnP5kKfGGmmPGz2u+Fq1vCsfFhn7kuMpkntW6x/K50hiktT3B1ApcZ/LdzV
eBW2s4dmeyy42D2Hrm6sD/qyxh7EG+2wHnJ72ev1xFEzvDraVQsH2P14WeNjMja6
Kpgf7ctmmXjwIpBBPD6yAf7w/jfizDK72DPOg8S355hhIr9ptVsfqTmkKSC+Yumc
gBK4ZQpVGXy2kA8yNHtWBY3/2OBzvJZOuJglWfMhvj4JmxfuhCKC5SkNJpzAyniF
bEVl8uu+HPhx1Gz/wrogGksEtmAWte+oPqZQHPHGhvlDOOOEl5FudR7q7U2Wh1HU
okazCrMnbUX4WvwP+PxzMncNUHxJppaQNiKU0D4pPF/9VqcUDII8DohFtCt/VvLZ
mFIotf6SrspVwCg7GNXjDccFU/A9RpV+2agWoqixRjXM5hOnCEBe39hM/7EkV4kF
zac8BCot9DezZl5pwxwwroQQPSBUfnpRv0oOvyghAes5Yw7qeqyOOmAupNm6B2na
kywzFAsKLd/po+86wx4WJzBKy0I0caVX7Afy8H88EVIaaUnFp6pGAby6WD0w5YPd
HyfHJVAm58PFyOLtx+rWzjV6JzSG5JNEP8vQL3zfqYZNNjckUqgFLViYqW5/Dhy4
/36vIN8CIQ0l4VVROBsIE9St4uRmk54TKM1m/3zZl7+AsOPSERpq5z9N4xamDqH0
W2cCZpBog7L7zEoubu1p4C0axBQArm7q1b3+WBz+3BPQiwQUnyFhT3Dhk2MlZYYF
ilWLMleZd2p96Eg6kMR+lUO8awIkWa94KVCGn8lKtBxJFLXiBVcktBhyc2ExNmsg
PHJzYTE2a0BrZXkudGVzdD4=
=jMeI
-----END PGP PRIVATE KEY BLOCK-----

after trying it for a half hour or less,
it should be out of everyone's curiosity ;-)

vedaal





Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485
Johan Wevers
2005-12-23 22:12:22 UTC
Permalink
***@hush.com wrote:

[snp 16k key]
Post by vedaal at hush.com ()
after trying it for a half hour or less,
it should be out of everyone's curiosity ;-)
Over 15 years, why would I care it's slow with current hardware with
my then low-end multicore 20 GHz CPU? :-)
--
ir. J.C.A. Wevers // Physics and science fiction site:
***@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
Johan Wevers
2005-12-23 22:12:27 UTC
Permalink
Post by Werner Koch
Talking about 4k keys is in this respect useless - unless you have
very special requirements and can neglect the above points. However,
with such requirements you will also have the staff and money to take
proper decisions and implement new code from scratch.
Not necessarily. I don't think Bin Laden or Al Zawahiri have access to a
staff of capable cryptographers and programmers, but thei certainly has a
need for strong encryption, and he can be certain the NSA will do its best
to decrypt any intercepted message.
--
ir. J.C.A. Wevers // Physics and science fiction site:
***@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
Atom Smasher
2005-12-23 22:27:48 UTC
Permalink
Post by Johan Wevers
Talking about 4k keys is in this respect useless - unless you have very
special requirements and can neglect the above points. However, with
such requirements you will also have the staff and money to take proper
decisions and implement new code from scratch.
Not necessarily. I don't think Bin Laden or Al Zawahiri have access to a
staff of capable cryptographers and programmers, but thei certainly has
a need for strong encryption, and he can be certain the NSA will do its
best to decrypt any intercepted message.
==================

maybe they can justify 4K keys for everyday use, although anything larger
would attract attention.

even then, how hard is it to get a group of non-geeks, who didn't grow up
with computers, to use pgp? i think they're more likely to use carrier
pigeons than pgp.
--
...atom

_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------

"We must have strong minds, ready to accept facts as they are."
-- President Harry Truman

"I don't care what the facts are."
-- President George H.W. Bush, 1988
Johan Wevers
2005-12-24 00:51:32 UTC
Permalink
Post by Atom Smasher
even then, how hard is it to get a group of non-geeks, who didn't grow up
with computers, to use pgp?
I'm even trying to convince my girlfriend after the latest EU data retention
laws (combined with remailers).
Post by Atom Smasher
i think they're more likely to use carrier pigeons than pgp.
I've read that in Afghanistan they use couriers by horse who memorise the
message. That makes it practically unintercaptable.
--
ir. J.C.A. Wevers // Physics and science fiction site:
***@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
Eric
2005-12-28 15:34:44 UTC
Permalink
Post by Johan Wevers
Post by Atom Smasher
even then, how hard is it to get a group of non-geeks, who didn't grow up
with computers, to use pgp?
I'm even trying to convince my girlfriend after the latest EU data retention
laws (combined with remailers).
Post by Atom Smasher
i think they're more likely to use carrier pigeons than pgp.
I've read that in Afghanistan they use couriers by horse who memorise the
message. That makes it practically unintercaptable.
What about rubber hose cryptanalysis?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20051227/deda180a/attachment.pgp
Atom Smasher
2005-12-28 20:31:39 UTC
Permalink
Post by Eric
Post by Johan Wevers
Post by Atom Smasher
i think they're more likely to use carrier pigeons than pgp.
I've read that in Afghanistan they use couriers by horse who memorise
the message. That makes it practically unintercaptable.
What about rubber hose cryptanalysis?
===================

it ~may~ be effective against password recovery in some forms of crypto:
an attacker (torturer) would know when the password is revealed because a
valid message is produced.

a courier with a photographic memory could give up countless "secrets",
and none of them the ~right~ one. really, if you beat the crap out of
someone long enough and hard enough, they'll admit to being osama bin
laden.

off the top of my head, outguess <http://www.outguess.org> is the closest
thing to a real crypto app with a decent "plausible deniability" feature.
--
...atom

_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------

"I never did give them hell. I just told the truth,
and they thought it was hell."
-- Harry S Truman, Apr. 3, 1956
vedaal at hush.com ()
2005-12-24 01:06:50 UTC
Permalink
Johan Wevers johanw at vulcan.xs4all.nl wrote on
Post by Johan Wevers
Over 15 years, why would I care it's slow with current hardware
with
Post by Johan Wevers
my then low-end multicore 20 GHz CPU? :-)
might be interesting to see the year 2020 gnupg version,
the max keylength proposed then,
and then link back to this thread ;-)


vedaal




Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485
Mica Mijatovic
2005-12-25 21:53:44 UTC
Permalink
Was Fri, 23 Dec 2005, at 10:07:07 -0800,
Post by vedaal at hush.com ()
might be interesting to see the year 2020 gnupg version,
the max keylength proposed then,
and then link back to this thread ;-)
Your lines, as to the form they form, look like a verses. Is that done
deliberately or your Eudora again entangles on its own?

As to the content in the form... They could equally use some other
technology, some keys of just few bits and with No Such Agency as a
"standard" any more. (-:

- --
Mica
PGP keys nestled at: http://blueness.port5.com/pgpkeys/
~~~ For personal mail please use my address as it is *exactly* given
in my "From|Reply To" field(s). ~~~
If you don't care, don't panic.
Christoph Anton Mitterer
2005-12-28 06:30:07 UTC
Permalink
Post by vedaal at hush.com ()
might be interesting to see the year 2020 gnupg version,
the max keylength proposed then,
and then link back to this thread ;-)
Perhaps in 2020 gpg uses quantum cryptography,... (of course one would
need a special dongle attached via USB version 42)
RSA/SHA/ElG/EEC have been cracked long ago by 15 year old Norwegian
programmers...

I've had a vision about all this ;-) ... Ok,... just kidding ;-)

Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cam.vcf
Type: text/x-vcard
Size: 449 bytes
Desc: not available
Url : /pipermail/attachments/20051228/264b7c46/cam.vcf
Holger Schuettel
2005-12-24 01:43:43 UTC
Permalink
This post might be inappropriate. Click to display it.
Johan Wevers
2005-12-24 01:45:22 UTC
Permalink
Post by vedaal at hush.com ()
might be interesting to see the year 2020 gnupg version,
the max keylength proposed then,
and then link back to this thread ;-)
Considering the direction the EU is moving, it might be very wel that
key lengts above 64 bits RSA or DH are outlawed then. :-(
--
ir. J.C.A. Wevers // Physics and science fiction site:
***@vulcan.xs4all.nl // http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html
John W. Moore III
2005-12-24 02:03:59 UTC
Permalink
Post by Johan Wevers
Post by vedaal at hush.com ()
might be interesting to see the year 2020 gnupg version,
the max keylength proposed then,
and then link back to this thread ;-)
Considering the direction the EU is moving, it might be very wel that
key lengts above 64 bits RSA or DH are outlawed then. :-(
The Bell cannot be "un-rung" so there will be large migration to
Portable Apps. NGO's throughout China/Indonesia are doing this all the
time.

JOHN :)
Timestamp: Friday 23 Dec 2005, 02:03 PM --500 (Eastern Standard Time)
Ludwig Hügelschäfer
2005-12-24 12:37:54 UTC
Permalink
Hi Holger,
Post by Holger Schuettel
Hi
I've any questions. How can i generate a keypair with size more than
4096 bits? I've a RSA key from my friend in my keyring with 16384 bits.
How is that possible? I've to try it with gnupg to generate a key over
4096 bits and thats not possible. Can you help me ?
Well, there are different possibilities. First, there (still) are
ckt-Versions of PGP 5/6.x in use which allow creation of such big keys.

Second, everybody is free to modify the key size limits in the existing
gnupg code and compile a version for him/herself. That should not be too
difficult.

I'm quite conservative and think, that 4096 bits are really really
enough for now and even a lot of years to come. There are far more
weaknesses in the communication chain than a key size below 16384.
Post by Holger Schuettel
Sorry for my english :-)
No reason to apologize :-)
Post by Holger Schuettel
(german answer preferred)
This is an english-speaking mailing list :-)

Ludwig
Ludwig Hügelschäfer
2005-12-27 20:04:35 UTC
Permalink
Post by Johan Wevers
Post by Christoph Anton Mitterer
- And even from a cryptographic point of view this wouldn't make sense
(as far as I know), as currently hashfunctions are the weak point of the
whole system.
That depends on what you consider important. Hash functions are only used
for signing;
Ack. And for protection of the private key.
Post by Johan Wevers
for encryption, currently the 256 bit algo's are the strongest.
Please don't mix symmetrical encryption strength (I suppose you are
referring to the session key length/encryption algo) with asymmetrical
encryption strength.

A chain is only as strong as its weakest element.

Ludwig

BTW: Sorry for first replying via PM
Continue reading on narkive:
Loading...