openssl and DSA q size doubt

Billy Brumley bbb at iki.fi
Thu Jul 25 07:22:48 UTC 2024


Howdy,

> But my question is why q is not 160 bits but instead 224 bits was used by openssl since the FIPS 186 standard clearly says to use q size 160 bits for p size 1024 bits?
> 
> Can someone familiar with the topic, clarify my doubt please? Maybe I missed some fine points in the standard.

I'd suggest using `genpkey` instead of `dsaparam`, like so:

openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:1024 -pkeyopt qbits:160

Cheers,

BBB
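
Added example, not part of the original message or of OpenSSL: a small Python check that reads the sizes of p and q (L and N) from DSA domain parameters and compares them with the (L, N) pairs listed in FIPS 186-4. It assumes the parameters are encoded as SEQUENCE { p, q, g }, as in a "DSA PARAMETERS" PEM file; the sample inputs are constructed integers of the right size, not real primes.

```python
# Added example (not from the original message): report L = |p| and N = |q|
# for DSA domain parameters encoded as SEQUENCE { p, q, g }.
import base64

# (L, N) pairs listed in FIPS 186-4, section 4.2.
FIPS_186_4_PAIRS = {(1024, 160), (2048, 224), (2048, 256), (3072, 256)}

def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the count of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def pem_to_der(pem):
    """Drop the -----BEGIN/END----- lines and base64-decode the rest."""
    lines = [line for line in pem.strip().splitlines() if not line.startswith("-----")]
    return base64.b64decode("".join(lines))

def dsa_param_sizes(der):
    """Return (L, N), the bit lengths of p and q."""
    tag, seq, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected a SEQUENCE")
    ints, pos = [], 0
    while pos < len(seq):
        tag, val, pos = _read_tlv(seq, pos)
        if tag != 0x02:
            raise ValueError("expected an INTEGER")
        ints.append(int.from_bytes(val, "big"))
    if len(ints) != 3:
        raise ValueError("expected exactly p, q, g")
    return ints[0].bit_length(), ints[1].bit_length()

# --- Constructed sample input: right-sized integers, NOT real DSA primes ---
def _der(tag, body):
    n = len(body)
    ln = bytes([n]) if n < 0x80 else bytes([0x81, n])  # samples stay < 256 bytes
    return bytes([tag]) + ln + body

def sample_params(pbits, qbits):
    ints = [(1 << (pbits - 1)) | 1, (1 << (qbits - 1)) | 1, 2]
    body = b"".join(_der(0x02, i.to_bytes(i.bit_length() // 8 + 1, "big")) for i in ints)
    return _der(0x30, body)

if __name__ == "__main__":
    for pbits, qbits in ((1024, 160), (1024, 224)):
        sizes = dsa_param_sizes(sample_params(pbits, qbits))
        print(sizes, "FIPS 186-4 pair" if sizes in FIPS_186_4_PAIRS else "not a FIPS 186-4 pair")
```

To check a real parameter file, pass its contents through pem_to_der() and then dsa_param_sizes().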