Questions tagged [dsa]
39 questions
88
votes
3 answers
Why OpenSSH deprecated DSA keys
There was a question RSA vs. DSA for SSH authentication keys asking which key is better. Basically all answers were more in a favour of RSA over DSA but didn't really tell that DSA would be somehow insecure.
Now however DSA was deprecated by OpenSSH…
Petr
- 990
- 1
- 7
- 6
32
votes
1 answer
New PGP key: RSA/RSA or DSA/Elgamal?
I wanted to create a new PGP key using GPG Keychain Access on my Mac. One of the options was to choose keytype:
RSA and RSA
DSA and Elgamal
RSA (Sign only)
DSA (Sign only)
I found this Superuser question, but it may be outdated. RSA keys seem to…
SPRBRN
- 7,379
- 6
- 33
- 37
23
votes
2 answers
Why are DSA keys referred to as DSS keys when used with SSH?
When I generate a DSA key with ssh-keygen -t dsa, the resulting public key will begin with ssh-dss.
How come? Why not ssh-dsa?
freyaariel
- 333
- 1
- 2
- 6
15
votes
1 answer
What are the differences between the RSA, DSA, and ECDSA keys that SSH uses?
In my /etc/ssh/ directory, I can see three keys which contains three different types of ssh keys:
-rw------- 1 root root 607 Oct 4 22:43 ssh_host_dsa_key
-rw-r--r-- 1 root root 623 Oct 4 22:43 ssh_host_dsa_key.pub
-rw------- 1 root root …
Chaminda Bandara
- 283
- 1
- 2
- 13
12
votes
2 answers
Should DSA keys be considered deprecated?
The gist of openssh deprecates dss-keys appears to be:
"In light of recently discovered vulnerabilities openssh deprecates DSA keys."
Does this mean I should generally consider DSA keys deprecated? The "upsteam announcement" linked to gives little…
user50849
- 2,490
- 2
- 15
- 15
7
votes
2 answers
Are RSA 2048, ECDSA, and the SHA uncrackable in the sense that AES-256 is uncrackable?
The answer
https://security.stackexchange.com/a/25392
has seemingly shown that AES-256 will not be directly cracked for at least the next 200 years (unless we manage to harvest the energy output of distant stars). The only available attacks will…
cryptonamus
- 309
- 2
- 7
6
votes
1 answer
openssl ECDHE-RSA... cipher suite selected while using RSA server cert and ECDSA client cert
The scene:
s_server using RSA certificate.
s_client using ECC-ECDSA certificate.
Client authentication is required (option -Verify set on s_server)
Cipher-suite selected after handshake is ECDHE-RSA-AES256-GCM-SHA384.
So, i don't completely…
jpradas
- 63
- 1
- 3
5
votes
1 answer
Impact analysis of CVE-2016-1000341 affecting BouncyCastle
I am analyzing the impact of CVE-2016-1000341 having CVSS score 7.5 and description "DSA signature generation vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of blinding in 1.55 or…
shashi
- 151
- 2
5
votes
1 answer
Does SSH support DSA with 2048 bit keys?
In FIPS 186-1 and 186-2 L could be any number between 512 and 1024 (inclusive) that was a multiple of 64. N was fixed at 160.
FIPS 186-3 changed it so that L and N could be any combination of the following:
L = 1024, N = 160
L = 2048, N = 224
L =…
neubert
- 1,605
- 3
- 18
- 36
3
votes
2 answers
Significance of the difference between DSA and RSA in signature verifying speed
I have run openssl speed and the output on my CPU for longest available DSA key size, which is 2048 bits:
sign verify sign/s verify/s
rsa 2048 bits 0.029185s 0.000799s 34.3 1252.3
dsa 2048 bits …
James Pond
- 77
- 2
- 9
3
votes
1 answer
Are DSA keys breakable?
Are the DSA keys breakable? If so, what is the maximum key size that is breakable with the latest technology ?
Why are DSA keys not used during authentication?
Can we use DSA keys for encryption?
user45475
- 1,030
- 2
- 9
- 14
3
votes
3 answers
Found DSA and RSA private keys hard-coded in a file during penetration testing. How to use them for SSH authentication?
We are performing a penetration test as part of a study where the hardware unit listens for connection over FTP, SSH, and Telnet. All of these are password-protected. The hardware unit must first be loaded with a small 4 MB "utility" that tells the…
whoami
- 1,366
- 9
- 17
3
votes
1 answer
Is it possible to have an RSA authentication subkey with a DSA master key?
My key setup is as follows:
sec dsa3072/CA72E53A
created: 2013-05-12 expires: never usage: SCA
trust: ultimate validity: ultimate
The following key was revoked on 2016-01-13 by DSA key CA72E53A
ssb elg4096/ADBBBE42
…
Jeroen
- 133
- 5
2
votes
1 answer
GPG: Can't encrypt DSA 3072 keys
I would like to ask this question as I'm not the first person which has
this behavior.
I'm trying to encrypt a simple message using GnuPG using a public key I've
received from a friend, he's using DSA 3072 but for some reason,
whenever I try to…
gpgfr
- 21
- 2
2
votes
1 answer
RSA vs DSA Digital Signature Message Digest Recovery
I'm learning about signatures using RSA and DSA, I've come across this little fact:
RSA can recover the message digest from the signature, whereas in DSA this isn’t possible – you have to have the original message too in order to determine the…
Crizly
- 2,597
- 4
- 18
- 29