Using ELG sign and encrypt key
David Picón Álvarez
eleuteri@myrealbox.com
Fri Jun 7 15:06:04 2002
--l4I1z1fZ.5XiMkIG0nnxfhpcRy8C.PaU
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
At the risk of seeming stubborn:
> > When I created my new gpg key, I decided to use ElGamal sign and encrypt
> > key, because it permits having a 4096 signature key, and I thought that
gave
> > it more security. However, I've been reading the archives of this
mailing
> > lists, and it is said that using the same key for signing and encryption
is
> > NOT a good idea. Could someone explain why or point me to a relevant
> > resource? Should I go back to using my DSA/ELG key instead?
>
> Yes, there are only 28 key ELG sign+encrypt keys on the keyservers.
> They won't work with PGP, signing is very slow and there are probably
> some vulenrabilities. The key size alone is not a measure of
> security; for exampleyou have to take the size of the hash into
> account which is still 160 bits even with a 4k key.
1) Interoperability: I'm not particularly worried about interoperability for
pgp, because I would have to tweak several options, and not only the key
type, such as the v3 signature business.
2) On slowness, since I use signing interactively, it doesn't seem to be an
issue right now. I don't notice the slowness, to tell the truth.
3) If there are some vulnerabilities, then that's a completely different
issue. But your post is a bit ambiguous about this.
I understand the key length isn't everything, but, all things being equal,
doesn't it improve security? I suppose the answer is that it only does if
it's the weakest link, and to tell the truth I don't know what the weakest
link in signing is likely to be.
Thank you for your clarifications.
--David.
--l4I1z1fZ.5XiMkIG0nnxfhpcRy8C.PaU
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Comment: This message is digitally signed and can be verified for authenticity.
iQQXAwUAPQEg74Vy4iYQ9LKqFAI/ShAAldkMhKNHTfrgAQeZ+42Ek79R5DWzgJM5
ZUEcxZ+tWSUy+FFgF6RD34nu6GUars1VbUW5ChXk6fCPz94SYIm6AK3p2J1XODny
/AisgEFoIpE9k02yWdv4shiTer0HXXus0nO/NJK2QZHaCVNSNA6hlxYkYvMDW5Hd
NJjexpirTIq+el3tz7zHdTrZm1BQgofxs4YlCqpEZfCJX18Njq2iy+QVl6IBLPeL
1POFlWRZG3G8nlY0ZUBfyoCgedUFb3WIeCYKmvTVsQKdLdWZmKBx1oPPQXtQbheW
vYrP42W2Jz79C3j1+x6w6kmWm6NykU+2twL95/2Z6c8SI0bH+d5d7OKxXdFWzDIA
zvuJxesYOVhKqLbvzFU1M+yk8ieNfcslvAArKx9STvMVUww0kmOcgGUpfIf8m3Nl
wG8vQ7R2rMyF2YhtajnKUmii0bvoJAxDNEmMKEF8Lh7Ows5WUMkuK1ZpTnqmowOK
BWmUmDQ0zEKuFV67ux0+fUze554a7g5wRPnixQSXX9YfOh68uM4Uw9ix2QoqfHtW
AqmRgNN2OmXu+c0qyg4xOIxazjq+5PXJwwkmsn6MRmFBQeUGPZ7/ElZLGrujbYf9
bJAtupPin7YE2nOX/YPrJdw14OXjmdmC4Pz1zZJaXWIOkH/C1QOuBJAAt8kr9C7F
VOfyWNi0n7YP/RLBEQ5u74DNPH+oN0BH4xO0mMXhdcAay+mDqY51HXW5Cvg1Pbw5
S+G2P5pZKdAr3K6ydshwyjXMnAUgwngfc0MNwRUueEF38Gln7x5YZ7a7/hJZDxJk
vSRPA9xnvO9mQ8RF/y6bRemSxpsdViK4csqTTNP/X4c9rR2gkQ1H4gKb6bxIo66f
O3hffAW1+noGN3Q+7o5M/a0xb4k7M6AdlaJur6og9nlMgvn06ZL8M4Fx+zt5JAEy
GVCQFJN3YoQcEfNxH/tL0cw+wxVxGeTOmP45BOxl8/RKD7K8R+/QTGFZ78na9AR6
4QGR1C9YiFtLoBJXfKpN7NodijtjkXr1bmGAx77NM3kHGkXGE7i7WGzR4TuTCnHt
86tQ381KSX/Vgi7JSnflKnj2aYaBPNmPQsncVl3yGpD/rp1oTzq6Lc1Z54eWkd9a
Ob+pCMTuvIRyueepNYQ1ATxFiDrPj7XQOfy5QEDA7SZCwo2YMnkWGwPYi/dqguik
2mF7uwjsA6XvlTGfT/IBiyA3uSvfyKwnq8QwTpe34bZx47hmqjnCou3w9HBvp3ps
TE013VDZuCpqGTa5lBwCrm7JCXNj04uKcr7lsvXvTqXWvYnlgVK56hAPmxfhO81u
nKySYfZfR3sMCHX77fy5fdLBdMC0UXJVEwxxuJ0zdiC+ntVx7qFXeI9z
=dfEA
-----END PGP SIGNATURE-----
--l4I1z1fZ.5XiMkIG0nnxfhpcRy8C.PaU--