What is the difference between DSA and RSA

Question

It appears they are both encryption algorithms that require public and private keys   Why would I pick one versus the other to provide encryption in my client server application

User · Answer

Btw  you cannot encrypt with DSA  only sign  Although they are mathematically equivalent  more or less  you cannot use DSA in practice as an encryption scheme  only as a digital signature scheme

User · Answer

Referring  https   web archive org web 20140212143556 http   courses cs tamu edu 80 pooch 665 spring2008 Australian-sec-2006 less19 html RSA RSA encryption and decryption are commutative hence it may be used directly as a digital signature scheme  given an RSA scheme   e R    d p q   to sign a message M  compute  S   M power d  mod R   to verify a signature  compute  M   S power e mod R    M power e d mod R    M mod R   RSA can be used both for encryption and digital signatures   simply by reversing the order in which the exponents are used  the secret exponent  d  to create the signature  the public exponent  e  for anyone to verify the signature  Everything else is identical    DSA  Digital Signature Algorithm  DSA is a variant on the ElGamal and Schnorr algorithms  It creates a 320 bit signature  but with 512-1024 bit security again rests on difficulty of computing discrete logarithms has been quite widely accepted    DSA Key Generation  firstly shared global public key values  p q g  are chosen  choose a large prime p   2 power L  where L  512 to 1024 bits and is a multiple of 64  choose q  a 160 bit prime factor of p-1  choose g   h power  p-1  q  for any h lt p-1  h p-1  q mod p  gt 1  then each user chooses a private key and computes their public key   choose x lt q  compute y   g power x mod p   DSA key generation is related to  but somewhat more complex than El Gamal  Mostly because of the use of the secondary 160-bit modulus q used to help speed up calculations and reduce the size of the resulting signature  DSA Signature Creation and Verification  to sign a message M  generate random signature key k  k lt q  compute  r    g power k mod p   mod q   s   k-1 SHA M   x r  mod q   send signature  r s  with message  to verify a signature  compute   w   s-1 mod q   u1   SHA M  w  mod q   u2  r w mod q   v    g power u1 y power u2 mod p   mod q   if v r then the signature is verified  Signature creation is again similar to ElGamal with the use of a per message temporary signature key k  but doing calc first mod p  then mod q to reduce the size of the result  Note that the use of the hash function SHA is explicit here  Verification also consists of comparing two computations  again being a bit more complex than  but related to El Gamal   Note that nearly all the calculations are mod q  and hence are much faster  But  In contrast to RSA  DSA can be used only for digital signatures  DSA Security  The presence of a subliminal channel exists in many schemes  any that need a random number to be chosen   not just DSA  It emphasises the need for  quot system security quot   not just a good algorithm

User · Answer

With reference to man ssh-keygen  the length of a DSA key is restricted to exactly 1024 bit  to remain compliant with NIST s FIPS 186-2  Nonetheless  longer DSA keys are theoretically possible  FIPS 186-3  explicitly allows them  Furthermore  security is no longer guaranteed with 1024 bit long RSA or DSA keys   In conclusion  a 2048 bit RSA key is currently the best choice   MORE PRECAUTIONS TO TAKE  Establishing a secure SSH connection entails more than selecting safe encryption key pair technology  In view of Edward Snowden s NSA revelations  one has to be even more vigilant than what previously was deemed sufficient   To name just one example  using a safe key exchange algorithm is equally important  Here is a nice overview of current best SSH hardening practices

User · Answer

Check AVA s answer below   My old answer seems wrong

User · Answer

And in addition to the above nice answers      DSA uses Discrete logarithm     RSA uses Integer Factorization    RSA stands for Ron Rivest  Adi Shamir and Leonard Adleman

[encryption] What is the difference between DSA and RSA?

Examples related to encryption

Examples related to rsa

Examples related to key

Examples related to dsa