-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Zach Himsel wrote: > My private key was recently compromised (Which sucks, I know). I was in > the process of generating a new keypair when I realized "Why do I use > RSA? What's the difference". Hence my question :) > > If I *do* use DSA/ElGamal, what bitrate should I use? I know there are > FAQs and documentations that say to use a certain bitrate, but I would > like to know the reason behind that...
My personal preference is for an RSA signing Key with an ElGamal encryption sub-Key. My reasons are twofold: RSA Keys have *all* the hash functions available to them. Nothing truncated. RSA Keys are more difficult to 'forge' signatures due to the built in "firewall", for lack of a better word. Much has been written on PGP-Basics regarding this ability within RSA Keys. Robert J. Hansen also explains this very well in his 'Un-Official PGP FAQ' which is accessible from my Homepage. I use an ElGamal encryption sub-Key solely because I feel that bit-for-bit, ElGamal is the stronger. Others can & may differ. The way to avail yourself of all the Options in Key Generation is simply to add the single word _expert_ to your gpg.conf File. This single, 1 word line in gpg.conf will also allow you to accomplish a lot of silly things. For instance, absurdly large Keys may be generated. If by 'bitrate' (bit rate?) you are referring to the hash function, you are limited to a 160 bit Hash and I'd suggest RIPEMD160. If you are using a Compiled version of 1.4.4 and have decided to generate a DSA2 Key, then I'd specify SHA256 to obtain security & maximum verification compatibility. JOHN ;) Timestamp: Thursday 08 Jun 2006, 23:43 --400 (Eastern Daylight Time) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4-svn4151: (MingW32) Comment: Public Key at: http://tinyurl.com/8cpho Comment: Gossamer Spider Web of Trust (US26): http://www.gswot.org Comment: Homepage: http://tinyurl.com/9ubue Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEcBAEBCgAGBQJEiO7TAAoJEBCGy9eAtCsP6XAIAIw0rn9LFyimSOBfK11cwuAE 1N6/ZElifmi9IEUH2zEARKjJzf6wVauHTMCFhx1A2iHtlzND6XEGwwDGnQv6VQcT NgcmjxfBGedWUqHqsg+CsNNSS8jdnVQPWv4zDG4Rx2al7B8t+jEmakzmq3iFkPVM zPZmJoCDrtLih6y60DXf2kdfjHamY6zoEF36NT/l3t2f60RSob06lpTRAtEUyHiL CpwGR6Jf56d9y3C49n4PcivodyHcYxe6FM9kHyNh8OR9GxfqGUb1pwXhmab/c03h 3qvKgdOeA+gBgbNwu3IwqQ4FickaV1So2eqyrLl5b5FdCAcDaoXFaczg45c80tc= =35H+ -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
