# How secure is GnuPG

**Daniel Carrera**
dcarrera@math.toronto.edu

*Tue Jul 23 23:26:02 2002*

> RSA signatures get larger in proportion to the size of the key. If
> you are going to sign emails and such, be warned that a really big
> signing key is going to mean one huge signature at the bottom. DSA
> signatures are very small.

Do you suggest using DSA for signatures?
Is a 1024-bit DSA comparable, security-wise, to a 1024-bit RSA or ElGamal?
Is DSA a symmetric algorithm or is it asymmetric like RSA? I ask because
I know that symmetric algorithms can achieve the same security for much
smaller keys.

> But seriously - forget all that. The real question to ask yourself is
> *what do you want to do?* The overwhelming majority of the time,
> people end up with a DSA signing key (1024, the maximum) and an
> ElGamal encryption key (2048-4096). That is a good all-round safe
> choice for many uses (email being the most common example).

Why is 1024 the maximum for DSA? That's interesting.
Thanks again,
Daniel.