RSA / DSS (keylenghts)
Mr. B
triazon@bigfoot.com
Thu, 21 Sep 2000 18:57:52 -0700
--PEIAKu/WMn1b1Hv9
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Sep 21, 2000 at 05:53:38PM +0100, Pete Chown wrote:
> Ralf Senderek wrote:
>=20
> > if you double the size of a DSS-key not one additional secret key value
> > is added because the amount of possible secret keys is limited by the
> > size of the hash-function (160 bits), Only the mathematical operation=
=20
> > will use a longer key (as modulus) and consequently takes more time.
>=20
> This is true, but hopefully it makes cryptanalysis more difficult. By
> the time you get to a 1024-bit modulus, it will take roughly the same
> amount of time to solve either of the two possible discrete logarithm
> problems. With a 512-bit modulus, it is (counterintuitively) much
> easier to attack the 512-bit discrete logarithm problem rather than
> the 160-bit one, because they have different characteristics. (I am
> sure you already knew that though.)
>=20
> There is no reason why you couldn't have a DSA key longer than 1024
> bits (that I am aware of). However, to get any benefit from this you
> would need to make the other modulus longer than 160 bits. This would
> mean using a hash function other than SHA-1, for example Tiger/192.
>=20
> --=20
> Pete
>=20
> --=20
> Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
> with a subject of "unsubscribe" to gnupg-users-request@gnupg.org
>=20
So... what functionality did the gpg RSA upgrade really give us anyway?
Roger Brown
--=20
Get paid to spread the word...
Help distribute the Planetary Appeal.
PADN - Planetary Appeal Distribution Network
http://www.padn.org/index.html
--PEIAKu/WMn1b1Hv9
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.3 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5yryg8EpIbKkWFucRAj42AJ9oQTQFIx0PB23A2mHBWvFifGhXrQCbByYO
FToiuBlfXFbfLXRjWlOtVso=
=G50h
-----END PGP SIGNATURE-----
--PEIAKu/WMn1b1Hv9--
--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org