[Ach] GPG - DSA or RSA?

ianG iang at iang.org
Thu Nov 21 08:42:22 CET 2013

In general, RSA has been recommended over DSA ever since the patent 
expired.  I'm not up on the details, but I think it is mostly to do with 
DSA requiring a strong source of random numbers, which makes it more 


On 18/11/13 19:58 PM, David Durvaux wrote:
> Hello,
> In the GPG section, we recommend DSA.  For my mind, it's also what I
> would recommend but...
> I did a Google search to be able to justify ;-).  And I end up on this:
> http://www.linuxquestions.org/questions/linux-security-4/gpg-rsa-or-dsa-with-el-gamal-for-new-keys-565242/
> In one of the answer, someone give a pretty good answer in my opinion.
> The most interesting is probably this:
> """
> Pros:
> RSA - Common, studied, widely believed to be secure.
> DSA - Widely compatible with GPG of just about any version. Shorter,
> more convenient signatures.
> Cons:
> RSA - Believed to be less secure than a DSA key of the same length.
> Ridiculously long signatures. Not as compatible, GPG wise.
> DSA - Small keysize might leave it quickly vulnerable to a break.
> Underlying hash, while still trusted, is not suggested for use in new
> cryptographic applications.
> """
> I would then conclude with the usual answer: "Well, it depend" ;).  Can
> we really recommend DSA instead of RSA?  The biggest advantage of DSA
> seems to be it's compatbility with GPG wich is clearly important but not
> a valid crypto choice...
> So, for me, we have basically 2 options:
> - remove any recommendation (at let the default choice: DSA/DSA ;))
> - explain that DSA is prefered for his compatbility but that, from a
> crypto point of view, it's difficult to recommend one against the other.
> Does this sound correct? (Crypto expert, please help! :-D)
> Kr,
> David
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach

More information about the Ach mailing list