Are DSA2 signing keys backwards compatible?

Kevin Hilton kevhilton at gmail.com
Mon Feb 11 05:13:11 CET 2008


>It doesn't work that way.  SHA-1 doesn't even work with DSA2 keys.
>DSA2 doesn't mean "a bigger DSA key".  It means "a bigger hash with a
>bigger DSA key".  DSA2 allows for any hash size that is equal to or
>greater than the hash size that was used when generating the key.
>Thus, for example, it is legal (albeit silly) to use SHA-512 with an
>old DSA key (which uses a 160-bit hash).  We just truncate to fit.

So just to clarify --
A 3096-bit DSA signing key could only be used with the SHA-512 hash?

Thanks for the explanation!
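The rule quoted above (hash size must be at least the size of q; longer digests are truncated to fit) can be made concrete. The following Python is an added example written for this archive page, not code from either poster or from GnuPG. It assumes the FIPS 186-3 standard (L, N) parameter sizes and the OpenPGP (RFC 4880 section 13.6) convention of keeping the leftmost N bits of the digest; the `standard_q_bits` lookup table and the function names are constructed for illustration.

```python
import hashlib

# Standard FIPS 186-3 (L, N) sizes: L = bit length of p (the "key size"),
# N = bit length of q, which fixes the minimum hash size.  Constructed lookup.
STANDARD_Q_BITS = {
    1024: (160,),        # classic DSA: 160-bit q, SHA-1 sized
    2048: (224, 256),    # DSA2 may use either N for a 2048-bit p
    3072: (256,),        # DSA2: 256-bit q
}

# Output sizes of the hashes OpenPGP allows with DSA, in bits.
HASH_BITS = {"sha1": 160, "sha224": 224, "sha256": 256, "sha384": 384, "sha512": 512}


def hash_allowed(q_bits: int, hash_name: str) -> bool:
    """A hash may be used with a DSA key only if its output is at least as long as q."""
    return HASH_BITS[hash_name] >= q_bits


def allowed_hashes(q_bits: int) -> list:
    """All hashes usable with a key whose q is q_bits long, in increasing size."""
    return [h for h in HASH_BITS if hash_allowed(q_bits, h)]


def truncate_digest(digest: bytes, q_bits: int) -> bytes:
    """Keep the leftmost q_bits bits of the digest (RFC 4880 requires q_bits % 8 == 0)."""
    if q_bits % 8:
        raise ValueError("OpenPGP requires the size of q to be a multiple of 8 bits")
    n = q_bits // 8
    if len(digest) < n:
        raise ValueError("digest is shorter than q: hash too small for this key")
    return digest[:n]


def dsa_hash_input(message: bytes, hash_name: str, q_bits: int) -> int:
    """Integer z that DSA signing/verification actually consumes:
    the leftmost min(N, outlen) bits of Hash(M), interpreted big-endian."""
    if not hash_allowed(q_bits, hash_name):
        raise ValueError(f"{hash_name} ({HASH_BITS[hash_name]} bits) is too small for a {q_bits}-bit q")
    digest = hashlib.new(hash_name, message).digest()
    return int.from_bytes(truncate_digest(digest, q_bits), "big")


if __name__ == "__main__":
    for p_bits, q_options in STANDARD_Q_BITS.items():
        for q_bits in q_options:
            print(f"p={p_bits} q={q_bits}: {', '.join(allowed_hashes(q_bits))}")
    # With a 160-bit q, SHA-512 is legal; only its first 20 bytes are used.
    print(hex(dsa_hash_input(b"constructed message", "sha512", 160)))
```

Running the block prints, for each standard parameter size, which hashes are usable; a 3072-bit key (256-bit q) accepts SHA-256, SHA-384 and SHA-512 rather than SHA-512 alone, and a 1024-bit key accepts everything from SHA-1 up, with the larger digests truncated to 160 bits exactly as the quoted reply describes.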



More information about the Gnupg-users mailing list