ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DSS lengths

1997-12-04 18:45:12
from [Peter Gutmann] [Permanent Link] 
[DSA 1Kbit limit]
I've tried in OP-FORMAT not to talk about this -- I don't want to limit an
implementation to 1024 bits, nor to mandate how to get a larger hash value.
Is there something I need to change in the spec?

 
It would be a good idea to at least warn people about this, because without it
people will (a) use keys > 1K bits thinking they're getting extra security, or
(b) try to cobble together their own hash functions to get > 160 bits output.
It's probably worth a note in the "Security Considerations" section to say that
people shouldn't do this.
 
Peter.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Re: DSS lengths, Peter Gutmann <=
Previous by Date:  Re: new algorithm identifier of the symmetric cryptosystem., Hal
Next by Date:  Re: new algorithm identifier of the symmetric cryptosystem., Peter Gutmann
Previous by Thread:  Discrete log signature key sizes, Hal Finney
Next by Thread:  More draft comments, Tony Mione
Indexes:  [Date] [Thread] [Top] [All Lists]