More secure use of DSA?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



There is a need to combine algorithms of different kind. Since the security of the chain is that of its weakest links - it necessitates comparison between those different algorithms. Thus the assertion that the algorithms combined together should match each other in strength, to avoid both weakening the combination below acceptable pre-defined limit and paying unneeded penalty in performance.?

One alternative is combining the strongest known algorithms and pay the penalty in performance (and nobody seems to favor this option). ?

I hope I answered your question, and I'm repeating mine: what is your alternative?

Sent?from?my?BlackBerry?10?smartphone?on?the Verizon?Wireless?4G?LTE?network.
? Original Message ?
From: Salz, Rich
Sent: Sunday, September 4, 2016 14:42
To: openssl-users at openssl.org
Reply To: openssl-users at openssl.org
Subject: Re: More secure use of DSA?

> So what's your proposed method of combining algorithms?? You reject the
> commonly accepted approach, but when asked to offer an alternative, you
> start evading? Do you have no alternative then?

Start evading. Sheesh.

I made a casual comment and said YMMV, encouraging disagreement. Now I find myself being challenged. I am not thrilled with the tenor of this conversation.

The needs of encryption aren't necessarily equivalent to the needs of authentication, nor digesting. Nobody has ever shown that they have to be equivalent strength. Why do they have to be? It's just asserted that they should match. I don't buy into that assertion, and will, instead, turn the question back: why do they have to be? 
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4350 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160904/e10d8d8a/attachment.bin>


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux