[E-Lang] Crypto analytic attack on DSA
Mark S. Miller
Thu, 08 Feb 2001 07:46:19 -0800
At 08:24 PM Wednesday 2/7/01, Bill Frantz wrote:
>Daniel Bleichenbacher of Bell Labs has found an attack on DSA when
>implemented as recommended by FIPS 186. It appears from examination of the
>source code for Sun/Java 1.2, that their implementation suffers from this
>We have several possible methods of dealing with this problem:
>* Wait for Sun to fix the problem.
>* Use another DSA implementation.
>* Convert vat authentication to RSA.
>Converting vat authentication to RSA will increase the time it takes to
>generate the key pair, while cutting the time required for signing and
Unless the increase in key generation time is crushing, that's a great
tradeoff, even if DSA weren't compromised. I vote to convert to RSA. Would
that happen naturally with the incorporation of TLS? If so, could we bundle
this change into that one?