RSA / DSS (keylenghts)

Werner Koch
Fri, 22 Sep 2000 10:13:46 +0200

On Thu, 21 Sep 2000, Ralf Senderek wrote:

> That's correct. But if you have to comply with American Standards (DSS)
> this would not help, beacause DSS restricts p to 1024 bits and q to 160 bits.
It does not make sense to talk whether 1024 bit or 2048 bit or whatever is better. We have to look at the entire system and there are a lot of things which are MUCH easier to attack than the mathematical problems. Have a look at a PGP attack tree. Werner -- Werner Koch GnuPG key: 621CC013 OpenIT GmbH -- Archive is at - Unsubscribe by sending mail with a subject of "unsubscribe" to