Hello,Today I am going to show how to modify GPG 1.4.12 and compile it on *nix systems (Linux, BSD, OS X, etc.). First, though, some important disclaimers:* This is NOT recommended by Werner Koch, the creator of GPG.* Use of keys larger than 4096-bit is NOT recommended by anyone in the GPG development and general use community because larger keys may not work with all people, devices or OpenPGP implementations.* There is a noticable CPU performance hit when creating and using 8192-bit keys or larger.* The future of OpenPGP is to switch to ECC from RSA and Elgamal in the coming years to provide comparable cryptographic strength to symmetric ciphers with smaller keys.* If you are new to GPG or Linux/BSD/UNIX then you SHOULD NOT do this until you understand what it is actually doing.If you still want to create keys that are larger than the current 4096-bit maximum, then this is how you do it. These instructions assume you are using a *nix system on which you have root access. The instructions will include compiling in support for the old IDEA cipher, for backwards compatibility with data encrypted during the 1990s.This tutorial assumes you are familiar with a UNIX shell (e.g. bash) and use of a real text editor (e.g. Emacs or Vim).Code: [Select]cd /tmp/wget -t 0 -c ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.12.tar.bz2wget -t 0 -c ftp://ftp.gnupg.dk/contrib-dk/idea.c.gzgunzip idea.c.gzsu -At this point you will be prompted for the root password. Enter it. Alternatively you can use:Code: [Select]sudo bashUsing sudo to get a bash prompt may be preferable on Ubuntu and OS X systems which do not enable root access by default.Be EXTREMELY careful from this point on because root access enables you to do anything on your system (unless you're using SELinux or similar mandatory access controls).Code: [Select]cd /usr/local/srccp /tmp/gnupg-1.4.12.tar.bz2 .tar -xjvf gnupg-1.4.12.tar.bz2cd gnupg-1.4.12/cd cipher/cp /tmp/idea.c .rm -f idea-stub.ccd ../g10/At this point you will need to open a file with your preferred text editor, e.g. Vim or Emacs.Code: [Select]vim keygen.cCode: [Select]emacs keygen.cIn the text editor skip down to line number 1,580 (you can also search for "4096" to reach the same point).Replace this line:Code: [Select] unsigned nbits, min, def=2048, max=4096;With this:Code: [Select] unsigned nbits, min, def=2048, max=16384;Then save the file and return to the parent directory.Code: [Select]cd .. Then just configure, make and make install. By default it will install to /usr/local/ directories. If you already have a version of GPG in there that you don't want to mess with then you should select another prefix and eprefix (e.g. --prefix=/opt/local --eprefix=/opt/local).Code: [Select]./configure --enable-idea --enable-camelliamakemake installThat's it, you should now exit out of root or superuser access.You will now have a /usr/local/bin/gpg executable which is capable of creating 16384-bit keys.You should make sure your gpg.conf is configured as per the instructions here:http://dkn255hz262ypmii.onion/index.php?topic=34204.0Then use expert mode to create a new key as described here:http://dkn255hz262ypmii.onion/index.php?topic=28474.0When you are prompted to select your key size, you will be able to enter any value up to and including 16,384 bits.Most systems will not have any trouble creating keys with 8,192 bits of strength, but some will have real trouble creating keys larger than that. Usually they will complain that they have run out of secure memory when that occurs.