[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

From: | "Atte Peltomaki" <koston@xxxxxx> |

Date: | Thu, 20 Jan 2005 08:25:24 +0200 |

> > > So, what about "(b) RSA is just a better protocol [(algorighm)]"? > > > I've read a few pieces which recommend RSA over DSA, although most > > > crypto programs (OpenSSL/SSH etc.) say RSA is depricated/a last resort. > > > Any insights? > > > > The OpenSSL and OpenSSH guys are right. DSA is stronger than RSA, as > > long as it is done correctly. But since it is harder to implement DSA > > correctly, a lot of fools might suggest avoiding it :) > > When considering the "strength" of an algorithm, take in to acount > that DSA was never intended for encryption and was selected by a > standards body (NIST) under less than "open competition". > > A decent FAQ with some good refrences in it can be found at > http://www.rsasecurity.com/rsalabs/node.asp?id=2239 > > Summary of the FAQ: DSA is as secure as anyother "unbroken" signature > algorithm. DSA is faster at key generation and signing. RSA is faster > at verification. So, consider your application when choosing the > algorithm. I gathered from the rsasecurity.com docs that there is a technique to break RSA, but as of today it has not been succesfully incorporated. Which to my understanding would mean that RSA is a bad choice of algorithm when thinking about the future, when someone figures out how to (easily) use the technique. . .of course I could've as well interpreted the text below completely wrong.. *clip* Another way to break the RSA cryptosystem is to find a technique to compute eth roots mod n. Since c = me mod n, the eth root of c mod n is the message m. This attack would allow someone to recover encrypted messages and forge signatures even without knowing the private key. This attack is not known to be equivalent to factoring. No general methods are currently known that attempt to break the RSA system in this way. However, in special cases where multiple related messages are encrypted with the same small exponent, it may be possible to recover the messages. *clip* Atte

**Follow-Ups**:**Re: RSA vs DSA***From:*nega

**References**:**RSA vs DSA***From:*Jonathon McKitrick

**Re: RSA vs DSA***From:*Joerg Sonnenberger

**Re: RSA vs DSA***From:*Kris Maglione

**Re: RSA vs DSA***From:*Joerg Sonnenberger

**Re: RSA vs DSA***From:*nega

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]