
Re: RSA vs ECDSA (Was: Bits from keyring-maint: Pushing keyring updates. Let us bury your old 1024D key!)



On Wed, Mar 5, 2014, at 7:58, Bastian Blank wrote:
> On Wed, Mar 05, 2014 at 06:54:53AM +0000, Ondřej Surý wrote:
> > > Also ECDSA shares with DSA the serious disadvantage over RSA that making signatures on a system with a broken RNG can reveal the key.
> > Care to share a source? I thought that RSA would be vulnerable to poor RNG as well.
> 
> The algorithm.  DSA and ECDSA need randomness in the signature process,
> see Wikipedia.
> 
> RSA only takes randomness during key generation.

I see. For reference, RFC 6979 provides more information (and a remedy
for the problem).

Thanks for the hint. I googled for "ECDSA broken RNG", but that didn't
reveal the correct source.

O.
-- 
Ondřej Surý <ondrej@sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server
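
Added example, not part of the original message: the RFC 6979 remedy referred to above removes the RNG from (EC)DSA signing by deriving the per-signature nonce from the private key and the message hash with HMAC. The sketch is narrowed to P-256 with SHA-256 (hash length equals group-order length), and the function name `rfc6979_nonce` is this example's own.

```python
import hashlib
import hmac

# Order q of the NIST P-256 group (public curve parameter).
Q = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551


def _hmac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def rfc6979_nonce(priv: int, message: bytes) -> int:
    """Deterministic nonce k per RFC 6979 section 3.2, P-256 + SHA-256 only."""
    if not 1 <= priv < Q:
        raise ValueError("private key out of range")
    h1 = hashlib.sha256(message).digest()
    x_octets = priv.to_bytes(32, "big")                      # int2octets(x)
    # bits2octets(h1): 256-bit hash reduced mod q, re-encoded as 32 bytes.
    h_octets = (int.from_bytes(h1, "big") % Q).to_bytes(32, "big")

    v = b"\x01" * 32                                         # step b
    k = b"\x00" * 32                                         # step c
    k = _hmac(k, v + b"\x00" + x_octets + h_octets)          # step d
    v = _hmac(k, v)                                          # step e
    k = _hmac(k, v + b"\x01" + x_octets + h_octets)          # step f
    v = _hmac(k, v)                                          # step g

    while True:                                              # step h
        v = _hmac(k, v)          # one HMAC output already fills 256 bits
        candidate = int.from_bytes(v, "big")
        if 1 <= candidate < Q:
            return candidate
        # Out-of-range candidate: re-key and try again, never truncate.
        k = _hmac(k, v + b"\x00")
        v = _hmac(k, v)


if __name__ == "__main__":
    # Published test key from RFC 6979 appendix A.2.5 (not a real secret).
    x = 0xC9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721
    print(f"{rfc6979_nonce(x, b'sample'):064X}")
```

The same key and message always give the same nonce, and a different message gives a different one, so signing no longer depends on the quality of the system RNG.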

