Do you have a question? Post it now! No Registration Necessary. Now with pictures!
January 26, 2005, 1:40 pm
rate this thread
Is there any significant advantage of using one over the other? I
thought I read somewhere that RSA is more secure, but one of my
sysadmins read that DSA is.
To reply by email remove "_nospam"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Re: rsa v. dsa authentication
DSA _can_ be worryingly insecure if implemented poorly; a bad DSA
implementation is capable of giving away your private key (allowing
anyone to authenticate as if they were you). This is about the worst
thing a public-key mechanism can do.
I don't know what the security differences are between RSA and
properly implemented DSA, though. I suspect there isn't much
difference, or at least no difference that couldn't be made
irrelevant just by increasing the key size.
Simon Tatham "The voices in my head are trying to ignore me.
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum