Re: SSH keys: DSA vs RSA

Date: Thu, 15 May 2008 09:58:16 +0200
From: "Steinar H. Gunderson" <sgunderson@xxxxxxxxxxx>
Subject: Re: SSH keys: DSA vs RSA

On Thu, May 15, 2008 at 05:11:27AM +0200, Goswin von Brederlow wrote:
> The DSA signing uses (secret key + random) in the signature and that
> sum is trivial to compute given the signed message and public key. The
> security of DSA relies solely on the fact that random can't be guessed
> so you can't compute the secret key from the sum.

Actually it uses
(inverse random) * (hash + (secret key) * (number inferred from public key and random)).

> Also if you have 2 messages signed with the same random number you can
> compute the secret key. It is more complicated then this but
> simplified boils down to is computing k given (k + r) * Message1 ==
> Signature1 and (k + r) * Message2 == Signature2.

For the details, since everyone doesn't read Planet Debian:

  http://blog.sesse.net/blog/tech/2008-05-14-17-21_some_maths

/* Steinar */
-- 
Homepage: http://www.sesse.net/


-- 
To UNSUBSCRIBE, email to debian-devel-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx

Follow-Ups:
- ssl security desaster (was: Re: SSH keys: DSA vs RSA)
  - From: Martin Uecker

References:
- SSH keys: DSA vs RSA (was: Alioth and SSH: restored)
  - From: Ben Finney
- Re: SSH keys: DSA vs RSA (was: Alioth and SSH: restored)
  - From: brian m. carlson
- Re: SSH keys: DSA vs RSA (was: Alioth and SSH: restored)
  - From: Steve Greenland
- Re: SSH keys: DSA vs RSA
  - From: Russ Allbery
- Re: SSH keys: DSA vs RSA
  - From: Goswin von Brederlow

Prev by Date: Re: ssl problems: gpg affected?
Next by Date: Re: ssl problems: gpg affected?
Previous by thread: Re: SSH keys: DSA vs RSA
Next by thread: ssl security desaster (was: Re: SSH keys: DSA vs RSA)
Index(es):
- Date
- Thread

lists-archives.org

Re: SSH keys: DSA vs RSA