Creating a vanity GPG key

I had decided a while back that I should generate a new keypair, as I’m still using an old 1024-bit DSA key, and it’s been recommended to migrate to a stronger RSA key for several years now (In fact,many key-migration tutorials date back to 2009, in response to an announced attack vector against SHA-1). Yes, I decided a while back… but never actually did it.

You see, there was a small problem: it had taken me a while to remember my key-ID. That arcane annoying random 8-digit sequence that is part of the fingerprint for every GPG key. It’s not globally unique, but it’s unique-enough to be useful. Mine is 04edc4b1.

I was determined to have something more memorable, or at least slightly more geeky (because having a GPG key honestly just isn’t geeky enough.)

Someone else had the idea of creating a vanity key-ID, too, but he was trying to create a specific key. His method for generating them is private, and I didn’t feel like reaching out to find out what it was, which meant rolling my own.

Since I wasn’t looking for a specific key, but just for something memorable and interesting, I didn’t have to create a collision scenario. I just had to create a bunch of keys, and filter them for “interestingness.”

(more…)