[Ach] GPG - DSA or RSA?
    David Durvaux 
    david.durvaux at autopsit.org
       
    Mon Nov 18 17:58:39 CET 2013
    
    
  
Hello,
In the GPG section, we recommend DSA.  In my mind, it's also what I would
recommend, but...
I did a Google search to be able to justify it ;-).  And I ended up on this:
http://www.linuxquestions.org/questions/linux-security-4/gpg-rsa-or-dsa-with-el-gamal-for-new-keys-565242/
In one of the answers, someone gives a pretty good answer in my opinion.
The most interesting is probably this:
"""
Pros:
RSA - Common, studied, widely believed to be secure.
DSA - Widely compatible with GPG of just about any version. Shorter, more
convenient signatures.
Cons:
RSA - Believed to be less secure than a DSA key of the same length.
Ridiculously long signatures. Not as compatible, GPG wise.
DSA - Small keysize might leave it quickly vulnerable to a break.
Underlying hash, while still trusted, is not suggested for use in new
cryptographic applications.
"""
I would then conclude with the usual answer: "Well, it depends" ;).  Can we
really recommend DSA instead of RSA?  The biggest advantage of DSA seems to
be its compatibility with GPG, which is clearly important but not a valid
crypto choice...
So, for me, we have basically 2 options:
- remove any recommendation (and leave the default choice: DSA/DSA ;))
- explain that DSA is preferred for its compatibility but that, from a crypto
point of view, it's difficult to recommend one over the other.
Does this sound correct? (Crypto expert, please help! :-D)
Kr,
David