Difference between different key types

Robert J. Hansen rjh at sixdemonbag.org
Mon Aug 23 23:06:57 CEST 2010


On 8/23/2010 4:56 PM, Jerry wrote:
> What is the difference between choices 1 & 2? Is one better than the
> other? Which would be preferred? I am assuming #1; however, "KGPG" (In
> the KDE suite) seems to prefer choice #2.

All asymmetric cryptography is built on math problems that are so hard
they cannot be solved unless you already know part of the answer.  For
instance, factoring a number is hard: what two prime factors go into
2,701?  But if I give you one of those prime factors (37), it's really
easy to figure out the other one (73).

RSA is built on the Integer Factorization Problem (IFP).  This is pretty
much exactly what's described above.

DSA and Elgamal are built on the Discrete Logarithm Problem (DLP).  This
is a different kind of problem involving computing discrete logarithms
in a finite field -- another problem that's widely considered to be
intractable unless you already know part of the answer.

That's the big difference between DSA/Elgamal and RSA.  From a purely
functional perspective, they are almost entirely equivalent.  (One might
be a few milliseconds faster for encryption, one might be a few
milliseconds faster for decryption -- but that's hardly a big deal.)

"Better" is a subjective term.  I don't know what "better" means to you,
so I can't answer it.  A lot of pointless holy wars have erupted over
which key type is "better", and my best advice is to ignore the question
completely.

GnuPG has sensible defaults.  You don't need to override them.
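
Added example, not part of the original message: a toy Python sketch of the asymmetry described above, showing each problem solved by brute force and then the same job done with the secret already known. It goes beyond the post by deriving a toy RSA private exponent and decrypting a toy Elgamal ciphertext; the exponent e = 5, the group (prime 2579, generator 2), the secret 765, the ephemeral 853 and the message 42 are constructed values, and only 2,701 = 37 x 73 comes from the post.

```python
# Added illustration with toy-sized, constructed numbers; real keys use far larger ones.

def factor_by_trial_division(n):
    """IFP without the secret: return (p, q, divisions_tried)."""
    d, tried = 2, 0
    while d * d <= n:
        tried += 1
        if n % d == 0:
            return d, n // d, tried
        d += 1
    raise ValueError("n has no nontrivial factor")

def discrete_log_bruteforce(g, h, p):
    """DLP without the secret: find x with g**x % p == h, return (x, steps)."""
    value = 1
    for x in range(p - 1):
        if value == h:
            return x, x + 1
        value = value * g % p
    raise ValueError("h is not a power of g")

def rsa_private_exponent(e, p, q):
    """IFP with the secret: knowing p and q, d is one modular inverse."""
    return pow(e, -1, (p - 1) * (q - 1))

def elgamal_decrypt(c1, c2, x, p):
    """DLP with the secret: knowing x, strip the mask g**(k*x) from c2."""
    return c2 * pow(pow(c1, x, p), -1, p) % p

def demo():
    # RSA on the post's own numbers: n = 2701 = 37 * 73; e = 5 is an assumed exponent.
    n, e, m = 2701, 5, 42
    p, q, tried = factor_by_trial_division(n)
    d = rsa_private_exponent(e, p, q)
    rsa_ok = pow(pow(m, e, n), d, n) == m
    # Elgamal in a constructed group: prime 2579, generator 2, secret exponent 765.
    P, g, x, k = 2579, 2, 765, 853
    h = pow(g, x, P)                               # public key
    c1, c2 = pow(g, k, P), m * pow(h, k, P) % P    # encrypt m with ephemeral k
    found_x, steps = discrete_log_bruteforce(g, h, P)
    return {"factors": (p, q), "divisions": tried, "d": d, "rsa_ok": rsa_ok,
            "x": found_x, "dlp_steps": steps,
            "elgamal_plain": elgamal_decrypt(c1, c2, x, P)}

if __name__ == "__main__":
    print(demo())
```

The brute-force step counts grow with the size of the numbers, while the operations that use the secret stay a handful of modular multiplications; that gap is what key length buys for either key type.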


