LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Closed Thread
 
Search this Thread
Old 01-24-2002, 02:54 PM   #1
tarballedtux
Member
 
Registered: Aug 2001
Location: Off the coast of Madadascar
Posts: 498

Rep: Reputation: 30
Which is better RSA or DSA public key?


I FINALLY got public key authentification to work. But Which is better? RSA or DSA?

Thanks in advance.
 
Old 01-24-2002, 04:02 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,990
Blog Entries: 54

Rep: Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743
Define "better"?
 
Old 01-24-2002, 04:07 PM   #3
Sonny
Newbie
 
Registered: Jan 2002
Location: Burnaby British Columbia
Distribution: Redhat 7.1
Posts: 25

Rep: Reputation: 15
At the risk of a newbie leading a newbie...

I've read that RSA is less secure than DSA but authenticates faster.

Sonny.
 
Old 01-24-2002, 06:00 PM   #4
lfslinux
LFS Maintainer
 
Registered: Jan 2002
Location: Canmore, Alberta, Canada
Distribution: Linux From Scratch
Posts: 372

Rep: Reputation: 30
Quote:
Originally posted by Sonny
At the risk of a newbie leading a newbie...

I've read that RSA is less secure than DSA but authenticates faster.

Sonny.
That's correct. But the speed difference in authentication is so small (if you talk about ssh'ing into a system with a regular size password of say 8 characters (or a few more if you use MD5) that you will not notice a difference.

So go with DSA. May as well go for more security and it pretty much doesn't come with a price.
 
Old 01-25-2002, 01:29 AM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,990
Blog Entries: 54

Rep: Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743Reputation: 2743
DSA is faster in *signing*, but slower in *verifying*.
A DSA key of the same strength as RSA (1024 bits) generates a smaller signature.
An RSA 512 bit key has been cracked, but only a 280 DSA key.
It doesn't matter because with Ssh only authentication is done using RSA or DSA algorithm, and then the "rest" is encoded using a (uh, was it block?) cipher like IDEA, DES, Blowfish, etc, etc after the authentication is done.
While Ssh2 can use either DSA or RSA keys, Ssh1 cannot. Ssh2 will also not use patented cypers like IDEA.

More info here and here (the latter bein a wee bit old).
 
Old 06-08-2006, 03:55 PM   #6
Tarekaz
Member
 
Registered: Sep 2005
Location: Aachen
Distribution: Fedora Core 4 , Suse , Xp , win98
Posts: 46

Rep: Reputation: 15
hey,

speaking of RSA and DSA, what is the information that is encoded?

in other terms , whats the information in the DSA? a password encoded? a random number?

Thanxs
 
Old 10-31-2006, 10:26 AM   #7
JockVSJock
Member
 
Registered: Jan 2004
Posts: 602

Rep: Reputation: 31
***BUMP***

I found this thread because I am confused. It is because I'm looking for ssh-keygen howtos on the web.

One shows

http://thinkhole.org/wp/2006/10/30/f...re-secure-ssh/
Code:
ssh-keygen -v -t rsa

http://www.suso.org/docs/shell/ssh.sdf
The other one shows
Code:
ssh-keygen -v dsa
So for a basic user like me who wants to get access to his network from a remote location, which would work better?

thanks
 
Old 10-31-2006, 10:30 AM   #8
coontie
Member
 
Registered: Jun 2003
Distribution: Fedora Core 5
Posts: 100

Rep: Reputation: 15
DSA is something that is actively pushed by the government, btw, because DSA cannot be used to encrypt stuff, only to sign it. RSA can be used to both encrypt AND sign.

That said, DSA is faster at signing. RSA is faster at verifying.

Really.. who cares. I use RSA just because I like to stick it to the G-man.
 
Old 12-05-2006, 08:20 AM   #9
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
For anobody who's looking more of this, go through this mailing list discussion : http://leaf.dragonflybsd.org/mailarc.../msg00140.html
 
Old 02-02-2009, 01:44 AM   #10
morphynoman
Member
 
Registered: Nov 2008
Posts: 32

Rep: Reputation: 15
Quote:
Originally Posted by unSpawn View Post
An RSA 512 bit key has been cracked, but only a 280 DSA key.
What kind of bullshit is this?.
Please, read about first. "A fellow by the name of Leo de Velez from the Phillipines had thought he had broken RSA, and a reporter colleague wrote up this story and published it. This is probably what you have heard about. " (Ron Rivers, the 'R' of RSA)
Here you can read the original mail between both:
http://www.seedmuse.com/rsa_edit.htm

Cheers
 
Old 02-02-2009, 05:49 AM   #11
mrclisdue
Senior Member
 
Registered: Dec 2005
Distribution: Slackware -current, 14.1
Posts: 1,031

Rep: Reputation: 160Reputation: 160
Hey, thanks for drudging up a 2 year old dead thread. I was having trouble sleeping at night because of what you deem to be faulty information.

I think I may actually be able to die now, and rest in peace, because you have provided such useful input. And done it so eloquently, too.

Thanks again!

cheers,
 
Old 02-02-2009, 12:50 PM   #12
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 781
Blog Entries: 8

Rep: Reputation: 157Reputation: 157
nice
 
Old 02-03-2009, 06:15 AM   #13
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
I agree that resurrecting a two year old dead thread for this is ridiculous. Furthermore, I find the language and tone of morphynoman's post to be objectionable. I'm closing this thread. If anyone has a desire to start another RSA/DSA discussion, start a new thread and use references as necessary.
 
1 members found this post helpful.
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
V3 DSA signature: NOKEY, key I 123racoons Fedora 0 06-24-2004 11:59 AM
How do I get a DSA public key ??? amp2000 Linux - General 5 12-17-2003 03:30 PM
RSA vs DSA??? dm0nkz Slackware 1 02-06-2003 11:30 AM
RSA public key encryption/private key decription koningshoed Linux - Security 1 08-08-2002 07:25 AM
SSH, DSA and RSA Rex_chaos Linux - Networking 0 03-22-2002 05:54 AM


All times are GMT -5. The time now is 02:23 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration