DSS Standard

Stefan Nobis stefan@snobis.de
23 Aug 2000 18:37:07 +0200


I found the following on the web, which says that the DSS standard is
a bit bad and not very secure - is this true?

-----------------------------------------------------------------------
[Y - public key, X - secret key, G - generator, P - prime]
Y = G^X mod P

The DSS (Digital Signature Standard) restricts the size of the prime P
to 1024 bits, which appears as a minor restriction compared to the RSA
algorithm which commonly uses 1024-2048 bits. But it's more important
for the datafiend, that this standard restricts the secret key to 160
bits as well. Therefore it is enough to check a relevant part of the
numbers between 0 and 2^160 to find the secret key, while the size of
the prime does only increase the time for calculation of one single
test but does not increase the amount of possible secret keys.
-----------------------------------------------------------------------

Oh, the origin is
http://senderek.de/security/secret-key.protection.html#versions

-- 
Until the next mail...,
Stefan.
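
The quoted claim, illustrated as an added example (not part of the original mail or of the quoted page): with toy DSA-style parameters, the number of candidate secret keys depends only on the order Q of the subgroup generated by G, while a larger P only makes each test more expensive. Q = 101, the two sizes of P and all function names are assumptions chosen for illustration; real DSS uses a 160-bit Q.

```python
def is_prime(n):
    """Trial division; adequate for the toy sizes used here."""
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True

def toy_dsa_params(q, min_p):
    """Return (p, q, g): p prime > min_p with q | p-1, g of order q mod p."""
    k = (min_p - 1) // q + 1
    while not is_prime(k * q + 1):
        k += 1
    p = k * q + 1
    for h in range(2, p):
        g = pow(h, (p - 1) // q, p)   # maps h into the order-q subgroup
        if g != 1:
            return p, q, g
    raise ValueError("no generator found")

def distinct_public_keys(p, q, g):
    """Count the different Y = G^X mod P reachable with 0 <= X < Q."""
    return len({pow(g, x, p) for x in range(q)})

def exhaustive_search(p, q, g, y):
    """Walk X = 0, 1, 2, ... and return (X, tests) once G^X mod P == Y."""
    acc = 1
    for x in range(q):
        if acc == y:
            return x, x + 1
        acc = acc * g % p             # one test: a multiplication mod P
    raise ValueError("Y is not in the subgroup generated by G")

if __name__ == "__main__":
    Q, X = 101, 77                    # constructed toy values
    for min_p in (1_000, 1_000_000):  # same Q, small P versus large P
        p, q, g = toy_dsa_params(Q, min_p)
        y = pow(g, X, p)
        found, tests = exhaustive_search(p, q, g, y)
        print(f"P={p} ({p.bit_length()} bits): keys={distinct_public_keys(p, q, g)}, "
              f"recovered X={found} after {tests} tests")
```
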
