elGamal Keys to Sign+Encrypt
David Shaw
dshaw@jabberwocky.com
Tue Jan 14 01:04:02 2003
On Mon, Jan 13, 2003 at 01:23:44PM +0100, Olaf Gellert wrote:
> I just tried to generate an elGamal-only key (for
> signing and encryption). I noticed that obviously
> the elGamal-only keys are deprecated in GPG version
> 1.2.1 and you can only generate them in the expert-
> mode. Some issues (security flaws, ...) with these
> keys?
>
> We are thinking about which keys we want to sign
> with our certification authority, so are there any
> arguments against elGamal (besides that nearly
> no application can handle them)?
Well, that's a pretty big argument against ElGamal ;) It's also
incredibly slow, makes big signatures, and requires special care when
generating the key, or signatures from the key can be forged.

However, that said, why should a CA care? I wouldn't make the CA
signing key an ElGamal signing key, but it shouldn't matter if you
certify an ElGamal key.

David
--
David Shaw | dshaw@jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson