TWIRL: Are 1024-bit RSA Keys Unsafe?

This came across the Interesting-People list today: a preliminary draft of a paper, co-authored by Adi Shamir, that proposes new hardware for factoring large numbers. It is claimed that a machine could be built which would be "3-4 orders of magnitude more cost effective than the best previously published designs," and that "the NFS sieving step for 1024-bit RSA keys can be completed in less than a year by a $10M device." For background, here's a primer on key length in symmetric and asymmetric crypto.

How secure is PGP if you possess the private key?

[SteWhite]

A lot of talk about breaking encryption comes from the perspective of
the private key still being private. How secure is something like PGP
if the attacker has the private key but not the password?

Assuming maximum PGP 6.5.8 security of 4096 bit keys, with a good
strong passphrase (70+ chars, including non-alphanumeric), how long
would it take to break? Any reasonably accurate figures would be
appreciated.

Re:They're safe enough

[vinsci]

The reason cracking machines are built is that they don't leave trails. A key keeps increasing in value when its unsuspecting owner keeps using it after it has been cracked.