Which is better RSA or DSA public key?
I FINALLY got public key authentification to work. But Which is better? RSA or DSA?
Thanks in advance. |
Define "better"?
|
At the risk of a newbie leading a newbie...
I've read that RSA is less secure than DSA but authenticates faster. Sonny. |
Quote:
So go with DSA. May as well go for more security and it pretty much doesn't come with a price. |
DSA is faster in *signing*, but slower in *verifying*.
A DSA key of the same strength as RSA (1024 bits) generates a smaller signature. An RSA 512 bit key has been cracked, but only a 280 DSA key. It doesn't matter because with Ssh only authentication is done using RSA or DSA algorithm, and then the "rest" is encoded using a (uh, was it block?) cipher like IDEA, DES, Blowfish, etc, etc after the authentication is done. While Ssh2 can use either DSA or RSA keys, Ssh1 cannot. Ssh2 will also not use patented cypers like IDEA. More info here and here (the latter bein a wee bit old). |
hey,
speaking of RSA and DSA, what is the information that is encoded? in other terms , whats the information in the DSA? a password encoded? a random number? Thanxs |
***BUMP***
I found this thread because I am confused. It is because I'm looking for ssh-keygen howtos on the web. One shows http://thinkhole.org/wp/2006/10/30/f...re-secure-ssh/ Code:
ssh-keygen -v -t rsa http://www.suso.org/docs/shell/ssh.sdf The other one shows Code:
ssh-keygen -v dsa thanks |
DSA is something that is actively pushed by the government, btw, because DSA cannot be used to encrypt stuff, only to sign it. RSA can be used to both encrypt AND sign.
That said, DSA is faster at signing. RSA is faster at verifying. Really.. who cares. I use RSA just because I like to stick it to the G-man. |
For anobody who's looking more of this, go through this mailing list discussion : http://leaf.dragonflybsd.org/mailarc.../msg00140.html
|
Quote:
Please, read about first. "A fellow by the name of Leo de Velez from the Phillipines had thought he had broken RSA, and a reporter colleague wrote up this story and published it. This is probably what you have heard about. " (Ron Rivers, the 'R' of RSA) Here you can read the original mail between both: http://www.seedmuse.com/rsa_edit.htm Cheers |
Hey, thanks for drudging up a 2 year old dead thread. I was having trouble sleeping at night because of what you deem to be faulty information.
I think I may actually be able to die now, and rest in peace, because you have provided such useful input. And done it so eloquently, too. Thanks again! cheers, |
nice
|
I agree that resurrecting a two year old dead thread for this is ridiculous. Furthermore, I find the language and tone of morphynoman's post to be objectionable. I'm closing this thread. If anyone has a desire to start another RSA/DSA discussion, start a new thread and use references as necessary.
|
All times are GMT -5. The time now is 02:52 PM. |