On Sat August 23 2008, Jeffrey Ollie wrote: > 2008/8/23 Axel Thimm <Axel Thimm atrpms net>: > > Have DSA keys now been banned? > > Yes. > > > Why? > > The primary reason is that it's nearly impossible to tell if the key > was generated on a Debian system with the compromised OpenSSL This is also true for RSA keys. > versions. I've heard rumblings that DSA keys are weaker for other > reasons, but I've not seen any good explanations. | In addition, any DSA key must be considered compromised if it has been used | on a machine with a 'bad' OpenSSL. Simply using a 'strong' DSA key (i.e., | generated with a 'good' OpenSSL) to make a connection from such a machine | may have compromised it. This is due to an 'attack' on DSA that allows the | secret key to be found if the nonce used in the signature is known or | reused. http://wiki.debian.org/SSLkeys#head-d841ac769390d013577ce3fd2be24b8cf5a74cfb If you look at the descriptions of the dsa signing algorithm, e.g. in the handbook of applied cryptography, you notice, that there is a random parameter that is meant to kept secret. Regards, Till  http://www.cacr.math.uwaterloo.ca/hac/about/chap11.pdf
Description: This is a digitally signed message part.