DSA and ECC (was: Looking for Elgamal sign+encrypt key information)

David Shaw dshaw at jabberwocky.com
Wed Mar 24 02:01:41 CET 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Tue, Mar 23, 2004 at 02:28:52PM +0100, Per Tunedal Casual wrote:
> At 05:01 2004-03-22, you wrote:
> >Len Sassaman wrote:
> >
> >One of the given reasons for incorporation of rDSA
> >and ECDSA into the new DSS is the key length restriction of DSA.  If DSA
> >falls into disuse, then without rDSA or ECDSA, there will be no
> >signature standard in OpenPGP at all.
> >
> The current DSA will in a few years time be depreciated because of too 
> short signing keys. What's the reason not to include rDSA i OpenPGP? I 
> think it's important to have a modern signature standard in OpenPGP. 
> Products bases on OpenPGP cannot be marketed to e.g. US government if 
> standard algos are missing.
> 
> I don't know the reasons why the new DSS doesn't include the "old" RSA 
> signature algo (used in OpenPGP), but rather the new rDSA. The difference 
> seems to be that the new rDSA is using an other hash, MDC-2 (patented). 
> What's the advantage?
> 
> If MDC-2 is applied with DES as block cipher the hash is only 2x64=128 
> bits. Is this what is stated in the new DSS (ANSI X-9.31)? I thought a 
> longer hash would be needed to make any use of longer signing keys. With 
> the "old" RSA signature algo a much longer hash can be used e.g. the 
> forthcoming SHA-256.

What do you mean forthcoming? ;)

Seriously, though, there is no reason why rDSA can't someday be added
to OpenPGP.  OpenPGP is very extensible and we're not even close to
running out of algorithm numbers.  That said, there is no particular
reason I've seen to add it *now*.  We should never add algorithms just
because they are available.

David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6-cvs (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc

iQFHBAEBCAAxBQJAYN3mKhhodHRwOi8vd3d3LmphYmJlcndvY2t5LmNvbS9kYXZp
ZC9rZXlzLmFzYwAKCRCHHMKrPLO0FSQVB/9/HDYiV+Vx8KOMAcyvkCLqsiM9rSP5
b81FoQxSwP0cHSvzNS0EkKiuPkaJWF4U475UkWN22p8AZaqog4vIkjViiiiFjNzT
X+df6+PhQxdcmpTStV17cZ00+IlWMR88UBPyVoJFytDMnGEWG17s8VVsD/DbCaDo
p7E8pHom066YwxenrMkdW9A8oGeaJwN9AKUkeBr+uvOM0g0WmzxXo/L2LT//OH4c
NoPszAU4Weahw6prT3LVGS2zLrgfRpgipTOGu4L4v8JEV1AAbPv1tXGYIMT87eQb
gmMEtHHvOw4s7Mkp1i3tH5qQa8JehXK/EDVCHB3XXwlappmOPd3yBf86
=N+41
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list