[Cryptography] "‘The intelligence coup of the century’"
Bill Stewart
billstewart at pobox.com
Thu Feb 13 16:47:14 EST 2020
On 2/12/2020 5:09 PM, Ryan Carboni wrote:
> Phillip Hallam-Baker wrote:
>> So how did we get directed down the RSA path and not the Diffie-Hellman
> path?
I see 2.5 big advantages of RSA over DH
- DH is interactive, while RSA works just fine with publishing a public
key and reusing it multiple times. So for non-interactive applications
like email and PGP, RSA's easier.
- DH doesn't directly do signatures, and signatures are not only useful
in themselves, but also you usually need signatures to trust the public
key parts of DH key exchanges. (Yes, there are El-Gamal signatures.)
- PGP used RSA, mostly ignoring the RSA patents, which pushed RSA to put
out a simplified library to retain some control over the process, and
the controversy helped popularize RSA. (That's the .5)
More information about the cryptography
mailing list