Re: rsa v. dsa authentication

From: Simon Tatham (anakin_at_pobox.com)
Date: 01/26/05 

Date: 26 Jan 2005 14:20:42 +0000 (GMT)

Chuck <skilover_nospam@softhome.net> wrote:
> Is there any significant advantage of using one over the other? I
> thought I read somewhere that RSA is more secure, but one of my
> sysadmins read that DSA is.

DSA _can_ be worryingly insecure if implemented poorly; a bad DSA
implementation is capable of giving away your private key (allowing
anyone to authenticate as if they were you). This is about the worst
thing a public-key mechanism can do.

I don't know what the security differences are between RSA and
properly implemented DSA, though. I suspect there isn't much
difference, or at least no difference that couldn't be made
irrelevant just by increasing the key size. 

-- 
Simon Tatham         "The voices in my head are trying to ignore me.
<anakin@pobox.com>    But if I keep talking, I can drive them insane."

Relevant Pages

  • Re: RSA or DSA?
    ... The SSH 1 protocol only supports RSA keys; ... supported by PuTTY are RSA and DSA. ... The PuTTY developers strongly recommend you use RSA. ...
    (comp.security.ssh)
  • Re: ssh-keygen between SuSE and FreeBSD
    ... I'm not quite sure right now why you're using rsa keys. ... dsa keys. ... ssh version 1, while dsa keys are for ssh version 2. ...
    (freebsd-stable)
  • Re: RSA or DSA?
    ... >> to dsa. ... > The PuTTY developers strongly recommend you use RSA. ... directed at _Windows_ SSH clients, ...
    (comp.security.ssh)
  • Re: SSH oddness with 8.0-STABLE
    ... FreeBSD's version of OpenSSH preferred DSA ... over RSA for host and user authentication keys. ... host keys even for previously known hosts. ...
    (freebsd-stable)
  • Re: RSA Performance
    ... to see what to expect with RSA. ... and there is the matter of the patent dispute. ... DSA, to my knowledge, was never patented. ... If each signature is verified once, don't you want to minimize the sum of signature generation and verification? ...
    (sci.crypt)