Re: Stupid hash question?

ietf-openpgp

Re: Stupid hash question?

2005-05-30 11:26:24

On Monday 30 May 2005 16:36, Ben Laurie wrote:

However, I'm still left with a question, since 2437 only specifies RSA
signatures. What lengths should be used with DSA and Elgamal?


That's trivial: with DSA there is no such thing as an encoding length, since 
the Hash is used directly and has to be of the correct length (with 1024 
bit DSA you SHOULD use SHA-1, which is 160 bit wide, which (ohh wonder!) 
matches the requirement of DSA).

Elgamal is also trivial: don't use it for signatures. It's insecure. (Or 
rather: it is so hard to make it secure that it is not worth it.)



        Konrad

pgpoeCs6MjRFe.pgp
Description: PGP signature

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Stupid hash question?, Ben Laurie Re: Stupid hash question?, Konrad Rosenbaum Re: Stupid hash question?, Ben Laurie Re: Stupid hash question?, Peter Gutmann Re: Stupid hash question?, Ben Laurie Re: Stupid hash question?, Peter Gutmann Re: Stupid hash question?, Ben Laurie Re: Stupid hash question?, Konrad Rosenbaum <= Re: Stupid hash question?, Ben Laurie Re: Stupid hash question?, Konrad Rosenbaum Re: Stupid hash question?, Ben Laurie Re: Stupid hash question?, Jon Callas Re: Stupid hash question?, Werner Koch Re: Stupid hash question?, Ian G Re: Stupid hash question?, Werner Koch Re: Stupid hash question?, "Hal Finney" Re: Stupid hash question?, Ben Laurie Re: Stupid hash question?, "Hal Finney"

Previous by Date:	Re: Stupid hash question?, "Hal Finney"
Next by Date:	Re: Stupid hash question?, Ben Laurie
Previous by Thread:	Re: Stupid hash question?, Ben Laurie
Next by Thread:	Re: Stupid hash question?, Ben Laurie
Indexes:	[Date] [Thread] [Top] [All Lists]