Curiosity with RSA sign/encrypt keys

Len Sassaman
Mon Jul 9 23:36:02 2001

On Mon, 9 Jul 2001, David Shaw wrote:

> I wonder why PGP generates v4 RSA keys this way. I know there are
> many procedural reasons why it is not a good idea to use a single key
> for both signing and encryption, but is there a cryptographic reason
> why using a single RSA key for both signing and encryption is a poor
> idea, or was it just done to maintain the DSS/ELG key/subkey
> sign/encrypt way of doing things that people were familiar with?
There's no specific cryptographic reason not to use the same key for signing and encrypting with RSA (whereas ElGamal has signing problems, period.) But the "proceedural reasons" are more than enough to warrant this type of key construction. __ Len Sassaman Security Architect | Technology Consultant | "Let be be finale of seem." | | --Wallace Stevens