On Sat August 23 2008, Jeffrey Ollie wrote:
> 2008/8/23 Axel Thimm <Axel.Thimm@xxxxxxxxxx>:
> > Have DSA keys now been banned?
>
> Yes.
>
> > Why?
>
> The primary reason is that it's nearly impossible to tell if the key
> was generated on a Debian system with the compromised OpenSSL

This is also true for RSA keys.

> versions. I've heard rumblings that DSA keys are weaker for other
> reasons, but I've not seen any good explanations.

| In addition, any DSA key must be considered compromised if it has been used
| on a machine with a 'bad' OpenSSL. Simply using a 'strong' DSA key (i.e.,
| generated with a 'good' OpenSSL) to make a connection from such a machine
| may have compromised it. This is due to an 'attack' on DSA that allows the
| secret key to be found if the nonce used in the signature is known or
| reused.
http://wiki.debian.org/SSLkeys#head-d841ac769390d013577ce3fd2be24b8cf5a74cfb

If you look at the descriptions of the DSA signing algorithm, e.g. in
the Handbook of Applied Cryptography[1], you notice that there is a
random parameter that is meant to be kept secret.

Regards,
Till

[1] http://www.cacr.math.uwaterloo.ca/hac/about/chap11.pdf
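
The known-nonce case quoted from the Debian wiki above, worked through as an added example (not part of the original message): with toy DSA parameters, a single signature plus its nonce k yields the private key, which is why a 'good' key used on a machine with a 'bad' OpenSSL has to be replaced. All parameters, key values and the message are constructed for illustration.

```python
import hashlib
from math import isqrt

# Toy DSA domain parameters (constructed; far too small for real use).
Q = 2**31 - 1                      # prime order of the signing subgroup

def is_prime(n):
    return n > 2 and n % 2 == 1 and all(n % d for d in range(3, isqrt(n) + 1, 2))

# Smallest prime P with Q | P-1, and a generator G of the order-Q subgroup.
P = next(j * Q + 1 for j in range(2, 10**4, 2) if is_prime(j * Q + 1))
G = next(g for g in (pow(h, (P - 1) // Q, P) for h in range(2, 50)) if g != 1)

def digest(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % Q

def sign(x, k, msg):
    """DSA signature (r, s) with private key x and per-signature nonce k."""
    r = pow(G, k, P) % Q
    s = pow(k, -1, Q) * (digest(msg) + x * r) % Q
    return r, s

def verify(y, msg, sig):
    """Standard DSA verification against public key y."""
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    u1, u2 = digest(msg) * w % Q, r * w % Q
    return pow(G, u1, P) * pow(y, u2, P) % P % Q == r

def key_from_known_nonce(k, msg, sig):
    """s = k^-1 (H(m) + x*r) mod q  =>  x = r^-1 (s*k - H(m)) mod q."""
    r, s = sig
    return pow(r, -1, Q) * (s * k - digest(msg)) % Q

# Constructed sample values: a well-generated key X signing with a nonce K
# that an observer can predict (as with the broken OpenSSL random source).
X = 123456789
K = 424242
MSG = b"constructed session data"
Y = pow(G, X, P)
SIG = sign(X, K, MSG)
```

The signature verifies normally under Y, so nothing about it looks wrong to the peer; only the predictability of K leaks X.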