On Sat, May 31, 2008 at 01:15:51PM -0700, David Brown wrote: > DSA uses the same basic group and "hard" as RSA. It has the advantage or > disadvantage (depending on your perspective) that it can only be used for > signatures. Applications that need public key encryption as well typically > pair DSA with something like ElGamal (which is based on the discrete > logarithm problem).
That was why I didn't like DSA....because now I have to learn another algorithm for public key encrpytion. > DSA has been granted royalty free use by the patent holder. > > A neat consequence of this separation of keys is that now gpg/pgp allow > them to be managed separately. It is common to have a long-lived signing > key, but have an encryption key with a shorter lifetime. Since it is the > signing key that is signed by others and is what is trusted, I can create > new encryption keys whenever I want, and just sign them. Couldn't you do the same thing with multiple RSA keys? Chris -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
