Thursday, September 10, 2015


When we generate a public-private keypair in PGP, it gives us the option of selecting DSA or RSA, and it is often unclear which one to select. What is the actual difference? And what are the pros and cons of DSA and RSA?

Let's come to the point. In terms of cryptographic strength, the two algorithms are almost the same, so in that regard you can select either DSA or RSA. However, if performance is an issue, the choice can make a difference.

DSA was originally intended for signing, but now it can be used for encryption and decryption as well. RSA, on the other hand, has long been used for both encryption and signing.

Here are a few facts about DSA and RSA:

  • In key generation, DSA is faster than RSA.
  • In encryption, RSA is faster than DSA.
  • In decryption, DSA is faster than RSA.
  • DSA is faster than RSA in generating a digital signature.
  • RSA is faster than DSA in verifying a digital signature.
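The signing and verification entries in the list above can be measured directly. The following is an added example, not part of the original post: it uses Go's standard library (`crypto/rsa`, and `crypto/dsa`, which Go marks as deprecated but still ships), and the 2048-bit key size, the repetition count and the sample message are assumptions of this example.

```go
package main

import (
	"crypto"
	"crypto/dsa"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"math/big"
	"time"
)

// perOp returns the mean duration of f over reps calls.
func perOp(reps int, f func()) time.Duration {
	t0 := time.Now()
	for i := 0; i < reps; i++ {
		f()
	}
	return time.Since(t0) / time.Duration(reps)
}

// Compare times sign and verify at 2048 bits (key size and message are assumptions of this example).
func Compare(reps int) (rs, rv, ds, dv time.Duration, ok bool) {
	digest := sha256.Sum256([]byte("constructed sample message"))
	rk, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	var dk dsa.PrivateKey
	if err := dsa.GenerateParameters(&dk.Parameters, rand.Reader, dsa.L2048N256); err != nil {
		panic(err)
	}
	if err := dsa.GenerateKey(&dk, rand.Reader); err != nil {
		panic(err)
	}
	var sig []byte
	var r, s *big.Int
	ok = true // stays true only if every signature verifies
	rs = perOp(reps, func() { sig, _ = rsa.SignPKCS1v15(rand.Reader, rk, crypto.SHA256, digest[:]) })
	rv = perOp(reps, func() { ok = ok && rsa.VerifyPKCS1v15(&rk.PublicKey, crypto.SHA256, digest[:], sig) == nil })
	ds = perOp(reps, func() { r, s, _ = dsa.Sign(rand.Reader, &dk, digest[:]) })
	dv = perOp(reps, func() { ok = ok && dsa.Verify(&dk.PublicKey, digest[:], r, s) })
	return
}

func main() {
	rs, rv, ds, dv, ok := Compare(50)
	fmt.Printf("RSA-2048 sign %v verify %v | DSA-2048 sign %v verify %v | all verified: %v\n", rs, rv, ds, dv, ok)
}
```

The figures depend on the implementation and the key size, so a PGP implementation may show different ratios than this library does.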

Now, key generation is faster for DSA. But in server-client communication, key generation is done only once for the server keys and once for the client keys, so even though DSA is faster at key generation, this should not be counted as a big point against RSA.

For encryption and decryption of files, the server keys are used. The user encrypts the file on the client side with the public key and sends it to the server side. Decryption is done on the server side with the private key. Now, encryption is faster in RSA and decryption is faster in DSA. So, if performance is a concern on the client side, RSA should be used. On the other hand, if the server is slow, we would want to use DSA.

However, the public and private keys are used to encrypt and decrypt the session key at the start of a session. During the actual file transfer between the server and the client, the session key, which is a symmetric key, is used. So, the choice between DSA and RSA will make a difference at the start of a session.

So, overall, in terms of cryptographic strength, DSA and RSA are almost the same, and each has its own pros and cons in terms of performance. If performance is an issue, you should look into where the problem lies and, depending on that, select DSA or RSA.
