Choice of Algorithm

Werner Koch wk at
Mon May 30 19:56:38 CEST 2005

On Fri, 27 May 2005 10:53:04 -0400 (EDT), Atom Smasher said:

> elgamal isn't used because the implementation was broken. as far as

Nope:  Elgamal signatures are really hard to get right and safe.  They
are a relict form the very early days of GnuPG when I did not knew
about the OpenPGP WG.

> DSA being "The Standard" i don't think it's any more standard than
> RSA, although it is more common.

DSS (DSA+SHA1) is the FIPS standard for digital signatures.

> the common and widespread use of DSA instead of RSA for signatures

No.  DSA has a couple of advantages of RSA:  It is a different
algorithm using another problem than RSA and the signatures creates
are much smaller than RSA signatures. 



More information about the Gnupg-users mailing list