This article is from the PGP FAQ, by Jeff Licquia email@example.com with numerous contributions by others.
PGP gives you three choices for key size: 512, 768, or 1024 bits. You
can also specify the number of bits your key should have if you don't
like any of those numbers. The larger the key, the more secure the
RSA portion of the encryption is. The only place where the key size
makes a large change in the running time of the program is during key
generation. A 1024 bit key can take 8 times longer to generate than a
384 bit key. Fortunately, this is a one time process that doesn't need
to be repeated unless you wish to generate another key pair. During
encryption, only the RSA portion of the encryption process is affected
by key size. The RSA portion is only used for encrypting the session
key used by the IDEA. The main body of the message is totally
unaffected by the choice of RSA key size. So unless you have a very
good reason for doing otherwise, select the 1024 bit key size. Using
currently available algorithms for factoring, the 384 and 512 bit keys
are just not far enough out of reach to be good choices.
If you are using MIT PGP 2.6.2, ViaCrypt PGP 2.7.1, or PGP 2.6.2i, you
can specify key sizes greater than 1024 bits; the upper limit for
these programs is 2048 bits. Remember that you have to tell PGP how
big you want your key if you want it to be bigger than 1024 bits.
Generating a key this long will take you quite a while; however, this
is, as noted above, a one-time process. Remember that other people
running other versions of PGP may not be able to handle your large