ietf-openpgp
[Top] [All Lists]

Re: Test Suite - and S2K Detail missing from the spec

1998-03-30 21:15:09
On Mon, 30 Mar 1998, Hal Finney wrote:

I programmed up a script to encrypt/sign one of my README files with all
possible combinations of algorithms I support.

I included ElGamal signatures and the .tgz file is just over 1Mb, so I
don't know of anyone else would want to try.

As we have discussed in the past, ElGamal signatures are not secure
with the DSS keys generated by PGP.  It is necessary to change
the keygen algorithm so that generators other than 2 are used.
See http://www.bell-labs.com/user/bleichen/bib.html.

Been there, fixed that

1. I use a Generator of 5

2. I insure there is no small gcd

3. I use DH key material, not DSS.

4. If I get an insecure key I print a warning and treat it as an error.

--- reply to tzeruch - at - ceddec - dot - com ---


<Prev in Thread] Current Thread [Next in Thread>