Re: Bigger DSA keys
Ian G wrote:

Hal Finney wrote:

The new DSS keys will, according to what I have heard, be for two sizes:
2048 and 3072 bits, and will use SHA-224 and SHA-256 respectively.
(SHA-224 is not presently an OpenPGP algorithm; it is basically a
truncated version of SHA-256 with a different internal initial value).
This will allow for larger keys and use a different hash than SHA-1.

(assuming we do it,) I would suggest we ditch the 2048/224
and just implement the 3072/256.
(We could add the other one as a MAY ... but I can't see
the point of it. Sure NIST may split hairs on it, but
let's save ourselves the doco and the discussion and
just do the better one.)

How about because generating 2048 bit primes already takes long enough,
and 3072 takes ages?

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff