On Wed, 15 Feb 2012, Ralph Holz wrote: > But they reach this conclusion in the abstract that RSA is > "significantly riskier" than ElGamal/DSA. In the body of the paper, > they indicate (although they are much more defensive already) that > this is due to the fact that you need two factors and more > randomness to go into the key creation.
While the RSA may be easier to break if the entropy during the key *generation* is low, the DSA is easier to break if the entropy during the key *use* is low. Obviously, if you have access only to the public keys, the first issue is more spectacular, but usually a key is used more often than generated. -- Regards, ASK _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
