[Ach] GPG - DSA or RSA?

ianG iang at iang.org
Thu Nov 21 08:42:22 CET 2013


In general, RSA has been recommended over DSA ever since the patent 
expired.  I'm not up on the details, but I think it is mostly to do with 
DSA requiring a strong source of random numbers, which makes it more 
brittle.

iang


On 18/11/13 19:58 PM, David Durvaux wrote:
> Hello,
>
> In the GPG section, we recommend DSA.  To my mind, it's also what I
> would recommend but...
> I did a Google search to be able to justify ;-).  And I ended up on this:
> http://www.linuxquestions.org/questions/linux-security-4/gpg-rsa-or-dsa-with-el-gamal-for-new-keys-565242/
>
> In one of the answers, someone gives a pretty good answer in my opinion.
>
> The most interesting is probably this:
>
> """
> Pros:
> RSA - Common, studied, widely believed to be secure.
> DSA - Widely compatible with GPG of just about any version. Shorter,
> more convenient signatures.
>
> Cons:
> RSA - Believed to be less secure than a DSA key of the same length.
> Ridiculously long signatures. Not as compatible, GPG wise.
> DSA - Small keysize might leave it quickly vulnerable to a break.
> Underlying hash, while still trusted, is not suggested for use in new
> cryptographic applications.
> """
>
> I would then conclude with the usual answer: "Well, it depends" ;).  Can
> we really recommend DSA instead of RSA?  The biggest advantage of DSA
> seems to be its compatibility with GPG, which is clearly important but not
> a valid crypto choice...
>
> So, for me, we have basically 2 options:
> - remove any recommendation (and let the default choice: DSA/DSA ;))
> - explain that DSA is preferred for its compatibility but that, from a
> crypto point of view, it's difficult to recommend one against the other.
>
> Does this sound correct? (Crypto expert, please help! :-D)
>
> Kr,
>
> David
>
>
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach
>
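
An added illustration of the point in the reply above, that DSA depends on a strong random source for every signature. It is not part of either message; the toy parameters, the key and all function names are constructed for the example. It shows that two signatures made with the same nonce k share r and algebraically determine the private key, and it includes a check that flags shared r values in a set of signatures.

```python
import hashlib
from collections import defaultdict

# Constructed toy DSA parameters (far too small for real use):
# P = 607 and Q = 101 are prime, Q divides P - 1, G = 2^((P-1)/Q) mod P.
P, Q, G = 607, 101, 64

def digest(msg: bytes) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % Q

def sign(msg: bytes, x: int, k: int) -> tuple[int, int]:
    """DSA signature with an explicit nonce k, so reuse can be shown.
    A real signer draws a fresh secret k for every signature."""
    r = pow(G, k, P) % Q
    s = pow(k, -1, Q) * (digest(msg) + x * r) % Q
    return r, s

def verify(msg: bytes, sig: tuple[int, int], y: int) -> bool:
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    v = pow(G, digest(msg) * w % Q, P) * pow(y, r * w % Q, P) % P % Q
    return v == r

def recover_private_key(m1, sig1, m2, sig2) -> int:
    """Same k in both signatures: s1 - s2 = k^-1 (z1 - z2) gives k,
    and then x = (s1 * k - z1) / r, all modulo Q."""
    (r, s1), (_, s2) = sig1, sig2
    k = (digest(m1) - digest(m2)) * pow((s1 - s2) % Q, -1, Q) % Q
    return (s1 * k - digest(m1)) * pow(r, -1, Q) % Q

def find_reused_r(signed: list[tuple[bytes, tuple[int, int]]]) -> dict:
    """Audit check: group messages whose signatures share the same r.
    In a real-size group a shared r indicates a repeated nonce."""
    by_r = defaultdict(list)
    for msg, (r, _) in signed:
        by_r[r].append(msg)
    return {r: msgs for r, msgs in by_r.items() if len(msgs) > 1}
```

RSA signing with PKCS#1 v1.5 padding is deterministic and has no per-signature secret of this kind.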



