Are DSA2 signing keys backwards compatible?

Werner Koch wk at gnupg.org
Mon Feb 11 08:33:34 CET 2008


On Mon, 11 Feb 2008 05:13, kevhilton at gmail.com said:

> A 3096 bit DSA signing key could only be used with the SHA-512 hash?

It is possible to use it with a shorter hash but that does not make
sense.

Please think twice before you start to generate such a long key.  It
needs a lot more of performance.  There are only a very vew application
with a need for it.  Using it on Internet connected box is ridiculous
because there are uncountable ways to attack the data or the signature
without attacking the math.

You exclude all users of slower computers with such a long key.  In
particular users of PDAs and other small devices.  Actually those small
devices are a very good way to create high valuable signatures because
it is easier to secure such devices (in contrast to general purpose
desktop boxes).


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.




More information about the Gnupg-users mailing list