Changing preferences

Kevin Hilton kevhilton at gmail.com
Wed Sep 24 05:32:31 CEST 2008


Robert can probably give a better explanation than I, however with
3072 DSA signing keys, the SHA512 and SHA256 algorithms "functionally"
produce the same length hash since the lower 256 bits are dropped as
per the FIPS specification.  I've often wondered the consequences of
such an action -- whether this makes the chance of a collision higher
or equal in comparing the SHA512 modified hash product to the SHA256
hash product.  Perhaps someone could elaborate on this.

Of course with RSA keys, no such limitation is in place.  Just an FYI.

(And just another summary, the battle between RSA vs DSA signing keys
has been waged many times prior on this mailing list -- Google for it
if you don't believe me -- and to summarize the conclusions of many on
this list -- there is no functional advantage of using one over the
other).

-- 
Kevin Hilton
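
An added example, not part of the original post: the hash-to-integer step of DSA signing as FIPS 186-4 defines it (z is the leftmost min(N, outlen) bits of the hash), applied with the 256-bit q that goes with a 3072-bit DSA key, plus a birthday search at a small width so the collision cost on the truncated value can be measured for both hashes. The function names, the sample messages and the 24-bit demo width are constructed for illustration.

```python
import hashlib

def dsa_hash_to_int(message: bytes, hash_name: str, n_bits: int) -> int:
    """z = leftmost min(N, outlen) bits of Hash(M), as an integer (FIPS 186-4)."""
    digest = hashlib.new(hash_name, message).digest()
    outlen = len(digest) * 8
    z = int.from_bytes(digest, "big")
    if outlen > n_bits:
        z >>= outlen - n_bits  # drop the rightmost (low-order) bits
    return z

def first_collision(hash_name: str, n_bits: int):
    """Birthday search over counter messages on the truncated value.

    Returns (msg_a, msg_b, messages_tried). Only practical for small n_bits.
    """
    seen = {}
    # Pigeonhole: 2**n_bits + 1 distinct messages must contain a collision.
    for i in range(2 ** n_bits + 1):
        msg = b"constructed-sample-%d" % i
        z = dsa_hash_to_int(msg, hash_name, n_bits)
        if z in seen:
            return seen[z], msg, i + 1
        seen[z] = msg
    raise AssertionError("unreachable")

if __name__ == "__main__":
    msg = b"constructed sample message"
    # With N = 256, SHA-256 is used whole and SHA-512 keeps its first 256 bits.
    for name in ("sha256", "sha512"):
        z = dsa_hash_to_int(msg, name, 256)
        print(f"{name}: z fits in 256 bits: {z:064x}")
    # Same truncation at a toy width, to compare collision effort empirically.
    for name in ("sha256", "sha512"):
        a, b, tries = first_collision(name, 24)
        print(f"{name} cut to 24 bits: collision after {tries} messages")
```

At the toy width both hashes need on the order of 2^12 messages before a collision appears, which is the birthday bound for a 24-bit value.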


