DSA key sizes
aarcane at aarcane.org
Mon Nov 10 20:01:53 CET 2014
On Nov 10, 2014 10:48 AM, "Robert J. Hansen" <rjh at sixdemonbag.org> wrote:
>> DSA 4096, 5120, and 8192 should be available when governments
>> advocate 3072.
> The USG does not advocate any particular key size. They've made DSA
> available in three sizes (as of FIPS 180-something) to support a variety
> of different needs.
>> I also find the rainbow table fairly probable.
> I don't want to sound blunt, but I respectfully suggest you don't
> understand how rainbow tables work.
> They aren't used against signature algorithms. They're used against
> *hash algorithms*. Huge difference. If you have a rainbow table that
> can break SHA-1 (not that I think one exists today), then it's
> completely useless against RIPEMD-160 or truncated SHA-256.
> If anyone wanted to use rainbow tables against DSA-1024, they would need
> some way to ensure that only one particular hash algorithm could be used
> with DSA-1024. Instead, DSA-1024 just requires 160 bits of hash.
> SHA-1, RIPEMD-160, Tiger-192, WHIRLPOOL, SHA-224/160, SHA-256/160,
> SHA-384/160, SHA-512/160...
I'm proposing, or supporting the hypothesis at least, that a government
agency has a rainbow table mapping one dsa public key to the corresponding
private key, and vice versa. Given the amount of time and the amount of
resources at their disposal, it's not that improbable for a 1024 bit
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users