What is the difference between DSA and RSA

Question

It appears they are both encryption algorithms that require public and private keys   Why would I pick one versus the other to provide encryption in my client server application

User · Answer

Check AVA s answer below   My old answer seems wrong

User · Answer

Referring  https   web archive org web 20140212143556 http   courses cs tamu edu 80 pooch 665 spring2008 Australian-sec-2006 less19 html RSA RSA encryption and decryption are commutative hence it may be used directly as a digital signature scheme  given an RSA scheme   e R    d p q   to sign a message M  compute  S   M power d  mod R   to verify a signature  compute  M   S power e mod R    M power e d mod R    M mod R   RSA can be used both for encryption and digital signatures   simply by reversing the order in which the exponents are used  the secret exponent  d  to create the signature  the public exponent  e  for anyone to verify the signature  Everything else is identical    DSA  Digital Signature Algorithm  DSA is a variant on the ElGamal and Schnorr algorithms  It creates a 320 bit signature  but with 512-1024 bit security again rests on difficulty of computing discrete logarithms has been quite widely accepted    DSA Key Generation  firstly shared global public key values  p q g  are chosen  choose a large prime p   2 power L  where L  512 to 1024 bits and is a multiple of 64  choose q  a 160 bit prime factor of p-1  choose g   h power  p-1  q  for any h lt p-1  h p-1  q mod p  gt 1  then each user chooses a private key and computes their public key   choose x lt q  compute y   g power x mod p   DSA key generation is related to  but somewhat more complex than El Gamal  Mostly because of the use of the secondary 160-bit modulus q used to help speed up calculations and reduce the size of the resulting signature  DSA Signature Creation and Verification  to sign a message M  generate random signature key k  k lt q  compute  r    g power k mod p   mod q   s   k-1 SHA M   x r  mod q   send signature  r s  with message  to verify a signature  compute   w   s-1 mod q   u1   SHA M  w  mod q   u2  r w mod q   v    g power u1 y power u2 mod p   mod q   if v r then the signature is verified  Signature creation is again similar to ElGamal with the use of a per message temporary signature key k  but doing calc first mod p  then mod q to reduce the size of the result  Note that the use of the hash function SHA is explicit here  Verification also consists of comparing two computations  again being a bit more complex than  but related to El Gamal   Note that nearly all the calculations are mod q  and hence are much faster  But  In contrast to RSA  DSA can be used only for digital signatures  DSA Security  The presence of a subliminal channel exists in many schemes  any that need a random number to be chosen   not just DSA  It emphasises the need for  quot system security quot   not just a good algorithm

User · Answer

Btw  you cannot encrypt with DSA  only sign  Although they are mathematically equivalent  more or less  you cannot use DSA in practice as an encryption scheme  only as a digital signature scheme

User · Answer

With reference to man ssh-keygen  the length of a DSA key is restricted to exactly 1024 bit  to remain compliant with NIST s FIPS 186-2  Nonetheless  longer DSA keys are theoretically possible  FIPS 186-3  explicitly allows them  Furthermore  security is no longer guaranteed with 1024 bit long RSA or DSA keys   In conclusion  a 2048 bit RSA key is currently the best choice   MORE PRECAUTIONS TO TAKE  Establishing a secure SSH connection entails more than selecting safe encryption key pair technology  In view of Edward Snowden s NSA revelations  one has to be even more vigilant than what previously was deemed sufficient   To name just one example  using a safe key exchange algorithm is equally important  Here is a nice overview of current best SSH hardening practices

User · Answer

And in addition to the above nice answers      DSA uses Discrete logarithm     RSA uses Integer Factorization    RSA stands for Ron Rivest  Adi Shamir and Leonard Adleman

[encryption] What is the difference between DSA and RSA?

The answer is

MORE PRECAUTIONS TO TAKE

Examples related to encryption

Examples related to rsa

Examples related to key

Examples related to dsa

Tags