RSA or DSA? That's the question

Noiano noiano at x-privat.org
Fri Sep 7 22:09:26 CEST 2007 

Robert J. Hansen wrote:
> Noiano wrote:
>> First off all thanks for your answers, I have now clearer ideas :-).
>> For what concerns SHA-1 I read that, thanks to the collisions, an
>> attacker can modify the message but the signature verification well
>> be ok.
> 
> That's not possible today.  Today, it would be extraordinarily difficult
> to forge the message.  However, that's no guarantee it will be
> extraordinarily difficult in six months or a year.
> 
> It is best to migrate away from SHA-1 right now.

In my openpgp preferences in thunderbird I've tried to set sha-256 but I
got an error saying it was only possible to use sha-128. What went wrong?

> 
>> By the way I am thinking on creating a rsa key pair (with rsa subkey)
>> as I am willing to buy a smart card kit. However you told the very
>> standard algorithm is DSA/Elgamail so what should I do? Create two
>> key pair? A rsa one and a dsa/elgamail one?
> 
> Don't buy a smart card unless you need a smart card.  Most smart cards
> limit themselves to RSA-1024.  

0_0 I didn't know that....what a bad news!

Distributed key cracking plus the
> constant forward march of mathematical progress means it's possible
> RSA-1024 will fall in the next five years.

DSA keysize is 1024 and cannot be changed. Does the considerations above
apply to a dsa key?

> 
> If you need a smart card, by all means, get one.  If you don't, you're
> probably better off without one, because it gives you more possibilities.
> 
> Insofar as what I think you should do, my advice is unchanged.  Stick
> with the defaults.  I genuinely do not understand why people spend hours
> upon hours laboriously deciding whether to use a DSA or an RSA key.
> Drop "enable-dsa2" in your gpg.conf, set your personal hash preferences
> to use SHA256, and create a default key.

Done!

> 
>> One more thing: the key expiry. Do you think that setting the expiry 
>> date after a year or two is a good choice? Or is better not to set a 
>> expiry date and revoke the key when necessary?
> 
> For most personal/home users, expiration is not necessary.


Thanks again

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20070907/faedd81f/attachment.pgp

More information about the Gnupg-users mailing list