As well know the user can choose between RSA and DH/DSS key pair generation in PGP.
Are there statistics how much existing key pairs belong to the RSA type and how much
to the DH/DSS type?
Towards which key pair type is the trend going during the last years ?
If possible an additional statistic about the key lengths would be interesting.
Rod
On 2005-12-05 06:54:18 -0500, rnewton12@yahoo.com (Rod Newton) said:
> As well know the user can choose between RSA and DH/DSS key pair
> generation in PGP.
>
> Are there statistics how much existing key pairs belong to the RSA type
> and how much
> to the DH/DSS type?
>
> Towards which key pair type is the trend going during the last years ?
>
> If possible an additional statistic about the key lengths would be interesting.
>
> Rod
The trend, in my opinion..., seems to be RSA. Not to mention it is the
current default key of PGP Corp and is used by most Social Engineers.
:-) Both are great, However, I would roll the dice with what the boys @
MIT built. It's Proven! Last..., why take a chance with something NSA
Built. Especially with operation "CYBEI2:STOI2M" still in progess...
1. RSA: - Created in 1977 by Ron Rivest, Adi Shamir and Len Adleman at MIT.
2. DH/DSS: - Created by David W. Kravitz, @ NSA.
>>> Cheers <<<
--
> B4.U "C-R-A-$-H" Hit:S@VE + BackUp. <
El Gamal (what PGP inaccurately calls "Diffie-Hellman") and DSA (what
PGP inaccurately calls DSS) are both part of the El Gamal family of
algorithms, discovered by Taher El Gamal in 1984.
The El Gamal families are not the 'inventions' of the NSA in any
meaningful sense.
There are also some moderately strong lines of reasoning supporting the
proposition that El Gamal is based upon a harder mathematical problem
than RSA is based upon.
This is a Type III anonymous message, sent to you by the Mixminion
server at mercurio.mixmaster.it. If you do not want to receive
anonymous messages, please contact mercurio-admin@mixmaster.it
-----BEGIN TYPE III ANONYMOUS MESSAGE-----
Message-type: plaintext
In <1141694801.475449.182350@z34g2000cwc.googlegroups.com> "Robert J. Hansen"
>El Gamal (what PGP inaccurately calls "Diffie-Hellman") and DSA (what
>PGP inaccurately calls DSS) are both part of the El Gamal family of
>algorithms, discovered by Taher El Gamal in 1984.
>
>The El Gamal families are not the 'inventions' of the NSA in any
>meaningful sense.
>
>There are also some moderately strong lines of reasoning supporting the
>proposition that El Gamal is based upon a harder mathematical problem
>than RSA is based upon.
>
>
What about the lack of a 'hash function firewall' that I've seen you write so much about?
That makes RSA preferable to me in spite of El Gamal's allegedly harder math.
-----END TYPE III ANONYMOUS MESSAGE-----
On 2006-03-06 20:26:41 -0500, "Robert J. Hansen"
> El Gamal (what PGP inaccurately calls "Diffie-Hellman") and DSA (what
> PGP inaccurately calls DSS) are both part of the El Gamal family of
> algorithms, discovered by Taher El Gamal in 1984.
Thanks for the correction. Just curious, why would they call it something else?
>
> The El Gamal families are not the 'inventions' of the NSA in any
> meaningful sense.
My understading is that it is a different algorithm and has it's own
patent assigned to: USA, Secretary of Commerce. (I guess it would not
be ethical if it wore assigned to NSA ;-) But David W. Kravitz (NSA
employee) is credited.
http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=H ITOFF&d=PALL&p=1&u=/netahtml/srchnum.htm&r=1&f=G&l=50&s1=5,2 31,668.WKU.&OS=PN/5,231,668&RS=PN/5,231,668
maybe
the whole: "Its not the inventor, but the explorer".
>
> There are also some moderately strong lines of reasoning supporting the
> proposition that El Gamal is based upon a harder mathematical problem
> than RSA is based upon.
That's good to know, however isn't the question about trend? There are
alot of RSA keys out there. Thanks.
On another note; Good luck with your GUI dude. Look forward to what
you guys come up with and I think its great that you are going to
release under creative commons. My only advice; "make something great:"
and KISS (as the old saying goes; keep it simple stupid). Last, make
sure your graphics are "off the hook". No cheesy windows stuff. Count
me in, if you need creative direction (look and feel) . We're rooting
for you !
Cheers.
--
> B4.U "C-R-A-$-H" Hit:S@VE + BackUp. <
> What about the lack of a 'hash function firewall' that I've
> seen you write so much about?
That only applies to OpenPGP's implementation of DSA.
> why would they call it something else?
PGP Corporation has a long history of naming things what they want to
name it, and not what it's actually named. For instance, PGP 9.x calls
SHA512 SHA-2-512, SHA384 SHA-2-384, and SHA256 SHA-2-256. I've heard
people call the new SHAs the "SHA2 family" when speaking about all of
them as a unit, but when talking about a particular version, the names
are well-known. According to NIST, they're SHA512, SHA384 and SHA256.
Why PGP insists on renaming them is something I don't understand.
Likewise with calling it "Diffie-Hellman encryption", when it's really
El Gamal.
And similarly, they've declared SHA-1 to be "partially deprecated".
Maybe I'm just dumb, but I can't for the life of me figure out what it
means to be "partially deprecated". Either something is deprecated or
else it's not. If they wanted to say "SHA-1 is deprecated for these
purposes, and it's not deprecated for these other purposes", that would
be fine... but "partial deprecation", by itself, is entirely useless:
it doesn't give me any useful information.
> Good luck with your GUI dude.
Thanks. :) However, a word of warning: we're not looking at producing
anything more than a proof of concept. The final code is going to be
GPLed, with the survey responses and our human-interface data Creative
Commonsed, so that hopefully people can take our research and take it
farther.