[prev in list] [next in list] [prev in thread] [next in thread]
List: openssh-bugs
Subject: [Bug 1119] Enhancement request for raising minimum acceptable key
From: bugzilla-daemon () mindrot ! org
Date: 2005-11-28 11:15:32
Message-ID: 20051128111532.C8A8617E659 () mail ! mindrot ! org
[Download RAW message or body]
http://bugzilla.mindrot.org/show_bug.cgi?id=1119
------- Comment #4 from dtucker@zip.com.au 2005-11-28 22:15 -------
(In reply to comment #3)
> Well the FIPS may specify 1024 bits for DSA but is there any reason besides the
> FIPS why larger DSA keys should not be used? Are they less secure (probably
> not).
They're not less secure, but they're apparently not (much?) more secure. The
security is apparently limited by the 160 bit subgroup that's part of the
public key, and the use of SHA1 (again, 160 bits).
So there's no real security gain, and the larger keys can confuse other
implementations which do adhere strictly to the spec. If you want big keys,
use RSA.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
http://www.mindrot.org/mailman/listinfo/openssh-bugs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic