On Sat, May 31, 2008 at 09:34:43PM -0700, [EMAIL PROTECTED] wrote:
On Sat, May 31, 2008 at 01:15:51PM -0700, David Brown wrote:
DSA uses the same basic group and "hard" as RSA. It has the advantage or
disadvantage (depending on your perspective) that it can only be used for
signatures. Applications that need public key encryption as well typically
pair DSA with something like ElGamal (which is based on the discrete
logarithm problem).
That was why I didn't like DSA....because now I have to learn another algorithm
for public key encrpytion.
Yeah, ElGamal is kind of an odd beast, since it's not even deterministic.
I don't think DSA/ElGamal would have even been used much if it weren't for
the RSA patent.
A neat consequence of this separation of keys is that now gpg/pgp allow
them to be managed separately. It is common to have a long-lived signing
key, but have an encryption key with a shorter lifetime. Since it is the
signing key that is signed by others and is what is trusted, I can create
new encryption keys whenever I want, and just sign them.
Couldn't you do the same thing with multiple RSA keys?
You would think so, wouldn't you. GnuPG seems to have dropped support for
creating RSA keys, and nobody ever put it back.
David
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
