Signature sizes (was: DSA 1024-bit limit)

David Shaw
Thu May 15 05:05:03 2003

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, May 14, 2003 at 07:18:19PM -0400, Daniel Carrera wrote:
> That's not quite what I wanted to know, but you pointed me in the right=
> direction.  Thanks.
> I just compared a DSA and an RSA signature.  I don't see the what the=20
> problem with RSA signatures is.  It doesn't look that big to me.  For a=
> sample text the DSA signature is 3 lines and the RSA is 7 lines (see=20
> further below).

The larger the RSA key is, the larger the signature is.

> Is the signature size the main drawback of RSA signing?
> Also, another queston:
> Do RSA signatures use the same hash as DSA?

They can, but do not have to.  DSA must use a 160-bit hash, which
means either SHA-1 or RIPEMD/160 in GnuPG.  RSA can use any hash.

> Does the hash limit the security of RSA signatures?

The hash limits the security of all signatures whenever the key is
stronger than the hash.


Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.3-cvs (GNU/Linux)