Re: RSA vs ECDSA (Was: Bits from keyring-maint: Pushing keyring updates. Let us bury your old 1024D key!)
On Wed, Mar 5, 2014, at 7:58, Bastian Blank wrote:
> On Wed, Mar 05, 2014 at 06:54:53AM +0000, Ondřej Surý wrote:
> > > Also ECDSA shares with DSA the serious disadvantage over RSA that making signatures on a system with a broken RNG can reveal the key.
> > Care to share a source? I thought that RSA would be vulnerable to poor RNG as well.
>
> The algorithm. DSA and ECDSA need randomness in the signature process,
> see Wikipedia.
>
> RSA only takes randomness during key generation.
I see, for the reference RFC6979 provides more information (and remedy
for the problem).
Thanks for the hint, I have googled for "ECDSA broken RNG" that didn't
reveal the correct source.
O.
--
Ondřej Surý <ondrej@sury.org>
Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server
Reply to: