delta/python-packages/pycrypto.git - github.com: dlitz/pycrypto.git

diff options


context:
space:
mode:

Diffstat (limited to 'pipermail/pycrypto/attachments/20130128/fb41841c/attachment.html')

-rw-r--r--

pipermail/pycrypto/attachments/20130128/fb41841c/attachment.html

1 files changed, 68 insertions, 0 deletions

diff --git a/pipermail/pycrypto/attachments/20130128/fb41841c/attachment.html b/pipermail/pycrypto/attachments/20130128/fb41841c/attachment.html
new file mode 100644
index 0000000..106fce9
--- /dev/null
+++ b/pipermail/pycrypto/attachments/20130128/fb41841c/attachment.html

@@ -0,0 +1,68 @@

+<tt>

+<html>

+  <head>

+    <meta content="text/html; charset=ISO-8859-1"

+      http-equiv="Content-Type">

+  </head>

+  <body bgcolor="#FFFFFF" text="#000000">

+    That said, we should probably support the newer spec:

+    <blockquote>>>> from Crypto.PublicKey import DSA

+      >>> DSA.generate(3072)

+      Traceback (most recent call last):

+        File "<stdin>", line 1, in <module>

+        File "/usr/lib/python2.7/dist-packages/Crypto/PublicKey/DSA.py",

+      line 337, in generate

+          raise ValueError("Number of bits in p must be a multiple of 64

+      between 512 and 1024, not %d bits" % (bits,))

+      ValueError: Number of bits in p must be a multiple of 64 between

+      512 and 1024, not 3072 bits

+    </blockquote>

+

+    On 01/28/2013 02:21 AM, Legrandin wrote:

+    <blockquote

+cite="mid:CAGfyce2XC2Mv1ro=HL0Wab=AArWCr6x7b2MRn-vPEXWrpkNm0g@mail.gmail.com"

+      type="cite">I think you are looking at an older FIPS 186 spec.

+      The current one allows 3072 bits for DSA.

+

+      Besides that, DSA is based on a different hard problem than RSA.

+      A 1024 bit DSA signature is somewhat more secure than a 1024 bit

+      RSA signature.

+

+      <div class="gmail_quote">2012/12/12 . <span dir="ltr"><<a

+            moz-do-not-send="true" href="mailto:dcMhOYBdpZkH@web.de"

+            target="_blank">dcMhOYBdpZkH@web.de</a>>

+        <blockquote class="gmail_quote" style="margin:0 0 0

+          .8ex;border-left:1px #ccc solid;padding-left:1ex">

+          It is important to consider 1024bit DSA - NIST says this too -

+          not

+          secure anymore, or do you want your messages to be readable

+          within your lifetime?.

+          Since DSA max. key size is 1024bit it's time to think

+          about removing it completely from pycrypto and use RSA or ECC

+          (with your

+          own curves, not NIST's untrustable ones).

+

+          _______________________________________________

+          pycrypto mailing list

+          <a moz-do-not-send="true"

+            href="mailto:pycrypto@lists.dlitz.net">pycrypto@lists.dlitz.net</a>

+          <a moz-do-not-send="true"

+            href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto"

+            target="_blank">http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto</a>

+        </blockquote>

+      </div>

+

+      <fieldset class="mimeAttachmentHeader"></fieldset>

+

+      <pre wrap="">_______________________________________________

+pycrypto mailing list

+<a class="moz-txt-link-abbreviated" href="mailto:pycrypto@lists.dlitz.net">pycrypto@lists.dlitz.net</a>

+<a class="moz-txt-link-freetext" href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto</a>

+</pre>

+    </blockquote>

+

+  </body>

+</html>

+</tt>