DSA key sizes
Robert J. Hansen
rjh at sixdemonbag.org
Mon Nov 10 17:01:12 CET 2014
> No, four. Section 4.2 of FIPS-186-3:

Yeah, I was misled by the reference to 186-3 and misread it as "the
family of 186 documents."

(For those of you who don't follow government specs as a hobby: FIPS
186, first released in 1994, has been revised several times over the
years. We're now up to the fifth revision, FIPS 186-4, which was
published in July of 2013.)

> Remember that the FIPS-186 documents cover DSS, not DSA. There was a
> < 1024-bit DSS, but it didn't make it into FIPS-186-3.

I don't have a copy of FIPS 186-3, but my copy of 186-4 has a chapter 4
titled "The Digital Signature Algorithm." The document *itself* is
called the Digital Signature Standard, but there's nothing in the text
that says "this particular algorithm with these particular parameters
(This is a break of sorts from FIPS 186, where "DSS" was used in the
text a couple of times in an algorithmic context. I don't know when the
language shift happened, but clearly somewhere between 186 and 186-4.)

> It's also not the case that GnuPG never supported 512-bit DSA.