ietf-openpgp

Re: Bigger DSA keys

2005-09-18 05:12:22

Ben Laurie wrote:
> Ian G wrote:
>> Hal Finney wrote:
>>> The new DSS keys will, according to what I have heard, be for two sizes:
>>> 2048 and 3072 bits, and will use SHA-224 and SHA-256 respectively.
>>> (SHA-224 is not presently an OpenPGP algorithm; it is basically a
>>> truncated version of SHA-256 with a different internal initial value).
>>> This will allow for larger keys and use a different hash than SHA-1.
>>
>> (assuming we do it,) I would suggest we ditch the 2048/224
>> and just implement the 3072/256.
>>
>> (We could add the other one as a MAY ... but I can't see
>> the point of it.  Sure NIST may split hairs on it, but
>> let's save ourselves the doco and the discussion and
>> just do the better one.)
>
> How about because generating 2048 bit primes already takes long enough, and 3072 takes ages?

Numbers?

iang
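
Added example, not part of the thread: a simplified harness for measuring how long it takes to find a DSA-style prime pair (an N-bit prime q and an L-bit prime p with q dividing p-1) at the sizes discussed above. It draws candidates from the OS random source instead of the seeded hash procedure the DSS specifies, includes 1024/160 only as a baseline, and all function names are this example's own.

```python
import secrets
import time

# Odd primes below 2000, used to discard most composites before Miller-Rabin.
SMALL_PRIMES = [n for n in range(3, 2000, 2)
                if all(n % d for d in range(3, int(n ** 0.5) + 1, 2))]

def is_probable_prime(n, rounds=40):
    """Trial division by small primes, then Miller-Rabin with random bases."""
    if n < 2 or n % 2 == 0:
        return n == 2
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2          # base in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                          # a is a witness: n is composite
    return True

def gen_dsa_params(L, N):
    """Return (p, q, candidates_tested) with q an N-bit prime, p an L-bit prime, q | p-1."""
    while True:
        q = secrets.randbits(N) | (1 << (N - 1)) | 1
        if is_probable_prime(q):
            break
    tested = 0
    while True:
        x = secrets.randbits(L) | (1 << (L - 1))
        p = x - (x % (2 * q)) + 1                 # p = 1 mod 2q: odd, and q divides p-1
        tested += 1
        if p.bit_length() == L and is_probable_prime(p):
            return p, q, tested

if __name__ == "__main__":
    for L, N in [(1024, 160), (2048, 224), (3072, 256)]:   # (key bits, subgroup bits)
        start = time.perf_counter()
        p, q, tested = gen_dsa_params(L, N)
        print(f"L={L} N={N}: {tested} candidates for p, {time.perf_counter() - start:.2f}s")
```

Timings vary widely from run to run because the number of candidates tested is random, so average over several runs before comparing sizes.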
