[openssl-users] More secure use of DSA?

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Fri Sep 2 18:16:52 UTC 2016

On 9/2/16, 12:09 , "openssl-users on behalf of Salz, Rich" <openssl-users-bounces at openssl.org on behalf of rsalz at akamai.com> wrote:



I thought DSA was more secure than RSA? Granted, "I thought" is a newbie



This is completely wrong. 



If you have a consistently good source of randomness (in my environment RDRAND counts as such), then DSA is fine, and in theory is stronger than RSA because it relies on a harder mathematical problem. If your source of randomness is questionable – DSA won’t be secure (as Rich said).


Then of course there are the implementation issues – the randomness source may be available, but does the application use it correctly? (I hope that for OpenSSL the answer is “yes”, but I did not check, as I’m using RSA for work-related things, and ECC for fun. :-) )


Suite B and its follow-up do not include DSA. RSA and ECC only, with a warning to stand by for PQC stuff.


In summary: do what everybody else does – use RSA. :-)
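
The dependence on randomness discussed in this message, as an added example that is not part of the original post or of OpenSSL: an audit check that flags DSA signatures sharing the same `r` value, and the algebra showing why such a pair must be treated as a key compromise. The toy parameters, digests, key and function names are constructed for illustration; `k`, `r` and `s` are the standard DSA per-signature value and signature components, which the message itself does not name.

```python
# Added example. Toy DSA parameters constructed for illustration only
# (far too small for real use): Q divides P-1, G = 2^((P-1)/Q) mod P has order Q.
P, Q, G = 607, 101, 64

def sign(x, k, digest):
    """Textbook DSA signing; k is the per-signature random value."""
    r = pow(G, k, P) % Q
    s = pow(k, -1, Q) * (digest + x * r) % Q
    return r, s

def verify(y, digest, sig):
    """Textbook DSA verification against public key y."""
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    v = pow(G, digest * w % Q, P) * pow(y, r * w % Q, P) % P % Q
    return v == r

def find_repeated_r(signed):
    """Audit check: index pairs of signatures that share r (same k was used)."""
    first_seen, hits = {}, []
    for i, (_digest, (r, _s)) in enumerate(signed):
        if r in first_seen:
            hits.append((first_seen[r], i))
        else:
            first_seen[r] = i
    return hits

def key_from_repeated_r(signed, i, j):
    """Why a hit means key compromise: the pair determines k, then x."""
    (d1, (r, s1)), (d2, (_r, s2)) = signed[i], signed[j]
    k = (d1 - d2) * pow(s1 - s2, -1, Q) % Q
    return (s1 * k - d1) * pow(r, -1, Q) % Q

def demo():
    x = 57                       # constructed private key
    y = pow(G, x, P)             # matching public key
    # Constructed digests (stand-ins for H(m) mod Q); the value 33 is used
    # twice for k, as a stuck or badly seeded RNG would do.
    signed = [(d, sign(x, k, d)) for d, k in [(20, 33), (5, 58), (71, 33)]]
    assert all(verify(y, d, sig) for d, sig in signed)
    hits = find_repeated_r(signed)
    return hits, [key_from_repeated_r(signed, i, j) for i, j in hits]

if __name__ == "__main__":
    print(demo())
```

All three signatures verify correctly, so the repeated value is invisible to a verifier and only shows up when signatures under one key are compared with each other.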
