advantages/disadvantages of DSA/RSA keys (was: Re: implications of subkeys?)

David Shaw dshaw@jabberwocky.com
Mon Mar 4 14:43:01 2002


On Mon, Mar 04, 2002 at 11:51:54AM +0200, disastry@saiknes.lv wrote:
> seems I sent to wrong list...
> now to correct one :)
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: RIPEMD160
>
> Ingo Klöcker ingo.kloecker@epost.de wrote:
> > On Saturday 02 March 2002 15:21, David Shaw wrote:
> > > On Sat, Mar 02, 2002 at 01:51:01PM +0100, Ingo Klöcker wrote:
> > > > On Friday 01 March 2002 20:39, David Shaw wrote:
> > > > > Yes.  The algorithm is up to you and what you trust more.  GnuPG
> > > > > 1.0.7 gives you the choice between DSA and RSA.  They each have
> > > > > advantages and disadvantages.
> > > >
> > > > Is there somewhere a short but complete list of the advantages and
> > > > disadvantages?
> > >
> > > This is pretty good:
> > >      http://www.samsimpson.com/pgpfaq.html
> >
> > Thanks. At least from section 8.1 it doesn't seem that RSA keys have any
> > advantages (except the backwards compatibility with plain PGP 2.x).
> > Ingo
>
> note that this FAQ was written when there were only v3 RSA keys.

This is true, and important - v4 RSA keys do not have most of the
disadvantages of v3 RSA keys.  Specifically in section 8.1, statements
#2, #3, #4, #5 (mostly), and #6 do not apply to v4 RSA keys.

Also, v4 RSA is not directly backwards compatible with v3 RSA without
doing significant packet munging magic.

> RSA keys have some advantages, at least two:
>  they are not limited to 1024 bits like DSA
>  they can use a hash longer than 160 bits.

RSA signing keys, that is.

For me, the worst thing about RSA signing keys is that they make much
larger signatures than a DSA key.  All in all, that's not such a big
problem these days. :)

David

-- 
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson