On Monday 30 May 2005 16:36, Ben Laurie wrote:
However, I'm still left with a question, since 2437 only specifies RSA
signatures. What lengths should be used with DSA and Elgamal?
That's trivial: with DSA there is no such thing as an encoding length, since
the Hash is used directly and has to be of the correct length (with 1024
bit DSA you SHOULD use SHA-1, which is 160 bit wide, which (ohh wonder!)
matches the requirement of DSA).
Elgamal is also trivial: don't use it for signatures. It's insecure. (Or
rather: it is so hard to make it secure that it is not worth it.)
Konrad
pgpoeCs6MjRFe.pgp
Description: PGP signature