Alexander Klimov <[email protected]> writes: >While the RSA may be easier to break if the entropy during the key >*generation* is low, the DSA is easier to break if the entropy during the key >*use* is low. Obviously, if you have access only to the public keys, the first >issue is more spectacular, but usually a key is used more often than generated.
My thoughts exactly, I've always stayed away from DLP-based PKCs (except DH) because they're extraordinarily brittle, with RSA you have to get entropy use right just once, with DLP PKCs you have to get it right every single time you use them. For embedded systems in particular that's just too risky. Peter. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
