RSA/DSA questions
Damian Gerow
dgerow at afflictions.org
Mon May 26 07:44:25 PDT 2003
Although most of this was way above my head at first reading (subsequent
readings make more sense)...
Thus spake Joseph Ashwood (ashwood at msn.com) [23/05/03 19:32]:
> future DLP is inherently more difficult than IFP. PSS gains though in that
> without breaking any standard that I'm aware of the modulus can be extended
> indefinitely whereas DSA1 (don't recall DSA2 immediately having such an
> issue, but I don't recall DSA2 specifics immediately) has a standard limit
> of 1024-bit (the maths scales indefinitely though). The other thing to
Thanks! This was definitely a followup item -- in relation to PGP, why DSA
signatures are always 1024-bit, even if I've got a 4096-bit key.
> consider is speed, since you're using this for SSH, it may be important that
> the server be capable of more connections per time, in which case DSA is the
> clear winner (RSA wins for verification though for a typcial
> implementation).
Again, thanks -- this was yet another followup question.
More information about the cypherpunks-legacy
mailing list