This was posted on TMG on October 25th, 2016 and a little earlier than than on TheHub. I'm repeating it here slightly edited because almost nobody heard it and it should be shouted from the mountaintops with bazooka horn. This was kinda posted here about a year ago by /u/Dr_Zhivago_ in this topic: /r/DarkNetMarkets/comments/3pyrxo/how_the_nsa_can_break_trillions_of_encrypted_web/
ALL PEOPLE WITH PGP KEYS LESS THAN 3072 BIT SIZE PLEASE READ!
Attention all active DNM people still using PGP keys only 2048-bits in strength:
There are still an extraordinarily high number of active vendors and users across all darknet markets who are using 2048-bit PGP keys to conduct business. As you know, buyers/sellers must import your 2048-bit public keys so they can then use your public key to encrypt a message containing sensitive delivery address information or bitcoin addresses or other sensitive info.
Back in 2015, the NSA made the declaration the following isn't safe to use (for their work or other infosec/netsec workers):
- ECDH and ECDSA with NIST P-256
- SHA-256
- AES-128
- RSA with 2048-bit keys
- Diffie-Hellman with 2048-bit keys
- Source: https://www.nsa.gov/ia/programs/suiteb_cryptography/index.shtml
- Commentary: /r/technology/comments/3hd5a0/nsa_has_stopped_recommending_p256_sha256_and/
More details can be found here: http://deepdot35wvmeyd5.onion/2016/02/08/nsa-switches-to-quantum-resistant-cryptography/
In the interests of vendor and customers safety, I implore all the DNMarkeers still using 2048-bit keys (or lower - shame on you!) to PLEASE generate a new key pair, 4096-bits in size. Yes - 3072-bit keys are still considered safe for now, but if you're going to generate a new key pair, just make them 4096-bits in size and be done with it (and if that means ditching GPA for GPG4USB, THEN PLEASE DO SO!)
Considering this is free to do, there really is NO EXCUSE for anyone, especially all the currently active DNM buyers (who send their encrypted address along with orders for illegal drugs with weak keys), to still be using keys that are just 2048-bits in strength.
here is how to do it for tails https://www.reddit.com/r/DarkNetMarketsNoobs/wiki/bible/buyer/pgp/createkeypair
edit: vendors do not forget to sign your new public key
however I would not jump to the conclusion that the nsa can crack rsa with 2048 bit keys just because they do not recommend to use it any more for their top secret documents/data/communication. it could be simply to ensure that nobody except themselves has access to their data [that means like 'it is probably not broken but we should still set higher standards in out recommendations for our workers to ensure we do not get fucked'].
regardless, a stronger key size is always good, and people should definitely use 4096 bit.