Carlo Luciano Bianco
clbianco at tiscalinet.it
Sat Sep 23 15:15:07 CEST 2006
Il /21 set 2006/, *David Shaw* ha scritto:
> On Thu, Sep 21, 2006 at 01:38:03PM +0100, Nicholas Cole wrote:
>> Dear David and others,
>> Thank you for the information you have already posted
>> about DSA2 on the list. Could I ask a few other
Thanks to everybody for this very interesting thread. Some weeks ago
I tried to start a similar one on the Italian crypto usenet group,
but without much luck... ;-)
I just try to summarize what I understood from this thread about
OpenPGP implementation of DSA and RSA signatures, so you can correct
me if I am wrong: ;-)
- DSA is limited to 256-bit hashes (greater hashes are truncated).
- DSA is limited to 3072-bit keys (largers are useless, see above).
- DSA does not support "firewalled hashes"
On the other hand:
- RSA supports hashes up to 512-bit full lenght.
- RSA supports keys up to 4096 bit.
- RSA does support "firewalled hashes".
So my point is: what is the real advantage of "DSA2" over RSA
(if any, beside being the US standard)?
> Sanity, mostly. The rough balances between key size and hash size
> 1024 bits, 160 bit q size (i.e. regular old DSA)
> 2048 bits, 224 bit q size
> 3072 bits, 256 bit q size
> 7680 bits, 384 bit q size
> 15360 bits, 512 bit q size
Therefore, now that GnuPG uses 256-bit symmetric algos and 512-bit
hashes (i.e. AES-256 and SHA-512), shouldn't we use also DSA/ElG and
RSA keys greater than 4096-bits, to achieve a "balanced" security?
> A 7680-bit key is enormous and takes a long time to generate or
> make signatures. A 15360-bit key is all but unusable.
And therefore, even better, what is the present status of adding to
GnuPG an "official" ECC keys support?
Thank you in advance for the replies! :-)
| ICQ UIN: 109517158
Carlo Luciano Bianco | Home page: <http://clbianco.altervista.org/>
GnuPG RSAv4 4096 - Fingerprint:FA68CF697EA63865AAFA805F68703AD40609D743
More information about the Gnupg-devel