From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by nuthatch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-52719-garchives=archives.gentoo.org@gentoo.org>)
	id 1GX43G-0000tb-OE
	for garchives@archives.gentoo.org; Mon, 09 Oct 2006 22:56:51 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.13.8/8.13.6) with SMTP id k99MtVca017820;
	Mon, 9 Oct 2006 22:55:31 GMT
Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.171])
	by robin.gentoo.org (8.13.8/8.13.6) with ESMTP id k99MpFH1030607
	for <gentoo-user@lists.gentoo.org>; Mon, 9 Oct 2006 22:51:15 GMT
Received: by ug-out-1314.google.com with SMTP id p27so653186ugc
        for <gentoo-user@lists.gentoo.org>; Mon, 09 Oct 2006 15:51:15 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=DD+1yhMfRpAg2Ek9dlcBNk8sPXmlGb3vAEkamL/p/gaORBhx9EHo6NLEBARBtYd4y9c8ZX1mpo9dawkPp3GVKHWFo2OuxDqlooAHcw7xcoqjBQjaZQ0C9r9MbeU0jb9hA2Yxvbkimu0Nc8xWacPTjTYZJw+rwS9mjAxtRfPd1b4=
Received: by 10.67.121.15 with SMTP id y15mr7482953ugm;
        Mon, 09 Oct 2006 15:51:14 -0700 (PDT)
Received: by 10.66.252.9 with HTTP; Mon, 9 Oct 2006 15:51:14 -0700 (PDT)
Message-ID: <c268e4660610091551r213075e4h90c7353ead1a2592@mail.gmail.com>
Date: Mon, 9 Oct 2006 15:51:14 -0700
From: Drew <drew.kay@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] [OT] RSA Vs DSA keys for SSH authentication
In-Reply-To: <200610092311.31132.michaelkintzios@gmail.com>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <200610091508.32462.michaelkintzios@gmail.com>
	 <200610091648.23667.bss03@volumehost.net>
	 <200610092311.31132.michaelkintzios@gmail.com>
X-Archives-Salt: 844f0c8e-f358-4af7-a086-0c14c4d21b2b
X-Archives-Hash: bf01706e4b4e3e335dfdb7a9880abc7e

> > DSA is mathematically stronger than RSA.  However, that doesn't mean much
> > since most attacks don't come from attacking the core of the algorithm
> > anyway.
>
> Do you mean that an RSA key with twice the number of bits (e.g. 2048 or even
> higher) is still weaker (i.e. easier to crack) than the DSA key?  I know it's
> all psychological, but in my paranoid state it'll make me feel
> better . . .  :))

I think what he means is that for a given key length, 1024bits in this
case, the DSA key is, mathematically speaking, a stronger key. RSA has
the advantage of allowing longer key lengths which makes RSA a
stronger key, if you use >1024bits key length.

But as he also pointed out, most hackers try to find other areas of
weakness to exploit so the key strength becomes moot in that case.


-Andrew Kay
-- 
gentoo-user@gentoo.org mailing list