[E-Lang] Crypto analytic attack on DSA
Mark S. Miller
markm@caplet.com
Thu, 08 Feb 2001 07:46:19 -0800

At 08:24 PM Wednesday 2/7/01, Bill Frantz wrote:
>Daniel Bleichenbacher of Bell Labs has found an attack on DSA when
>implemented as recommended by FIPS 186. It appears from examination of the
>source code for Sun/Java 1.2, that their implementation suffers from this
>problem.
>
>We have several possible methods of dealing with this problem:
>
>* Wait for Sun to fix the problem.
>* Use another DSA implementation.
>* Convert vat authentication to RSA.
>
>Converting vat authentication to RSA will increase the time it takes to
>generate the key pair, while cutting the time required for signing and
>verification.

Unless the increase in key generation time is crushing, that's a great
tradeoff, even if DSA weren't compromised. I vote to convert to RSA. Would
that happen naturally with the incorporation of TLS? If so, could we bundle
this change into that one?

Cheers,
--MarkM