diff options
Diffstat (limited to 'pipermail/pycrypto/attachments/20130128/fb41841c/attachment.html')
-rw-r--r-- | pipermail/pycrypto/attachments/20130128/fb41841c/attachment.html | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/pipermail/pycrypto/attachments/20130128/fb41841c/attachment.html b/pipermail/pycrypto/attachments/20130128/fb41841c/attachment.html new file mode 100644 index 0000000..106fce9 --- /dev/null +++ b/pipermail/pycrypto/attachments/20130128/fb41841c/attachment.html @@ -0,0 +1,68 @@ +<tt> +<html><br> + <head><br> + <meta content="text/html; charset=ISO-8859-1"<br> + http-equiv="Content-Type"><br> + </head><br> + <body bgcolor="#FFFFFF" text="#000000"><br> + That said, we should probably support the newer spec:<br><br> + <blockquote>>>> from Crypto.PublicKey import DSA<br><br> + >>> DSA.generate(3072)<br><br> + Traceback (most recent call last):<br><br> + File "<stdin>", line 1, in <module><br><br> + File "/usr/lib/python2.7/dist-packages/Crypto/PublicKey/DSA.py",<br> + line 337, in generate<br><br> + raise ValueError("Number of bits in p must be a multiple of 64<br> + between 512 and 1024, not %d bits" % (bits,))<br><br> + ValueError: Number of bits in p must be a multiple of 64 between<br> + 512 and 1024, not 3072 bits<br><br> + </blockquote><br> + <br><br> + On 01/28/2013 02:21 AM, Legrandin wrote:<br> + <blockquote<br> +cite="mid:CAGfyce2XC2Mv1ro=HL0Wab=AArWCr6x7b2MRn-vPEXWrpkNm0g@mail.gmail.com"<br> + type="cite">I think you are looking at an older FIPS 186 spec.<br><br> + The current one allows 3072 bits for DSA.<br><br> + <br><br> + Besides that, DSA is based on a different hard problem than RSA.<br><br> + A 1024 bit DSA signature is somewhat more secure than a 1024 bit<br> + RSA signature.<br><br> + <br><br> + <div class="gmail_quote">2012/12/12 . <span dir="ltr"><<a<br> + moz-do-not-send="true" href="mailto:dcMhOYBdpZkH@web.de"<br> + target="_blank">dcMhOYBdpZkH@web.de</a>></span><br><br> + <blockquote class="gmail_quote" style="margin:0 0 0<br> + .8ex;border-left:1px #ccc solid;padding-left:1ex"><br> + It is important to consider 1024bit DSA - NIST says this too -<br> + not<br><br> + secure anymore, or do you want your messages to be readable<br> + within your lifetime?.<br><br> + Since DSA max. key size is 1024bit it's time to think<br><br> + about removing it completely from pycrypto and use RSA or ECC<br> + (with your<br><br> + own curves, not NIST's untrustable ones).<br><br> + <br><br> + _______________________________________________<br><br> + pycrypto mailing list<br><br> + <a moz-do-not-send="true"<br> + href="mailto:pycrypto@lists.dlitz.net">pycrypto@lists.dlitz.net</a><br><br> + <a moz-do-not-send="true"<br> + href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto"<br> + target="_blank">http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto</a><br><br> + </blockquote><br> + </div><br> + <br><br> + <br><br> + <fieldset class="mimeAttachmentHeader"></fieldset><br> + <br><br> + <pre wrap="">_______________________________________________<br> +pycrypto mailing list<br> +<a class="moz-txt-link-abbreviated" href="mailto:pycrypto@lists.dlitz.net">pycrypto@lists.dlitz.net</a><br> +<a class="moz-txt-link-freetext" href="http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto">http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto</a><br> +</pre><br> + </blockquote><br> + <br><br> + </body><br> +</html><br> + +</tt> |