Signature sizes (was: DSA 1024-bit limit)

David Shaw dshaw@jabberwocky.com
Thu May 15 05:05:03 2003


--2iBwrppp/7QCDedR
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, May 14, 2003 at 07:18:19PM -0400, Daniel Carrera wrote:
> That's not quite what I wanted to know, but you pointed me in the right=
=20
> direction.  Thanks.
>=20
> I just compared a DSA and an RSA signature.  I don't see the what the=20
> problem with RSA signatures is.  It doesn't look that big to me.  For a=
=20
> sample text the DSA signature is 3 lines and the RSA is 7 lines (see=20
> further below).

The larger the RSA key is, the larger the signature is.

> Is the signature size the main drawback of RSA signing?
>=20
> Also, another queston:
> Do RSA signatures use the same hash as DSA?

They can, but do not have to.  DSA must use a 160-bit hash, which
means either SHA-1 or RIPEMD/160 in GnuPG.  RSA can use any hash.

> Does the hash limit the security of RSA signatures?

The hash limits the security of all signatures whenever the key is
stronger than the hash.

David

--2iBwrppp/7QCDedR
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-cvs (GNU/Linux)
Comment: http://www.jabberwocky.com/david/keys.asc

iD8DBQE+wwQP4mZch0nhy8kRAozsAJ4/mPH8MuMF9qqpQEZ39YWJGgaMEgCg1Lns
TZqQRRh9kyqjeilC7UG9htw=
=D101
-----END PGP SIGNATURE-----

--2iBwrppp/7QCDedR--