DSA vs RSA

L. Sassaman rabbi@quickie.net
Thu, 18 May 2000 21:14:55 -0700 (PDT)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 18 May 2000, Carlos Colombo wrote:


> I have heard about lots of efforts being made to break RSA-encripted
> messages. From this I understand that 1024-bit RSA is safe now will almost
> sure be safe for at least 20 years.
Baring some huge advancement in computing technology or in prime factorization., probably.. but I would recommed using 2048 bit.
> I understand that GnuPG uses DSA (Digital Signature Standard) instead of RSA
> to sign the documents.
> Is it as safe as RSA ?
> Has there been any important efforts to break this algoritm ?
DSS (DSA with SHA-1) is considered just as safe. Some people think that DSA with RIPEMD-160 is as safe as DSS. The benefits and disadvantages aren't security ones, but performance issues usually. For example, large RSA keys produce much larger signatures than DSA keys of the same size.
> Another question, perhaps related to the above:
> What are the similitudes between RSA and DSA? Are they comparable,
> different, essentialy the same...?
DSA does not do encryption. It is only a signature algorithm. ElGamal is used for encryption (note that ElGamal, though it can be used for signing, should not be). RSA can do both encryption and signing, though modern RSA PGP keys (v4) are actually two RSA keys: one for signing only, and one for encryption only.
> inally:
> I am worried about the interoperability between GnuPG and other PGP
> programs. Every PGP program supports DSA?
No. Only PGP 5.0 and greater supports DSA, and DSA support is limited to DSS (as the security of DSA with other hashes isn't established.) Note that if you are using PGP, however, you should be using PGP 6.x or greater, as PGP 5.x was released prior to the existance of the OpenPGP standard. - --Len. __ L. Sassaman System Administrator | "Everything must end; Technology Consultant | meanwhile we must icq.. 10735603 | amuse ourselves." pgp.. finger://ns.quickie.net/rabbi | --Voltaire -----BEGIN PGP SIGNATURE----- Comment: OpenPGP Encrypted Email Preferred. iD8DBQE5JL/GPYrxsgmsCmoRAvvpAJ9b5I8zwBzi0JtsrKwxUD98/xUKagCdG5eW oV5wAnRFGvZoFbycIf6p4Bo= =XQpk -----END PGP SIGNATURE-----