Description

This article is from the PGP FAQ, by Jeff Licquia jalicqui@prairienet.org with numerous contributions by others.

3.19. Why not use RSA alone rather than a hybrid mix of IDEA, MD5, & RSA?

Two reasons: First, the IDEA encryption algorithm used in PGP is
actually MUCH stronger than RSA given the same key length. Even with
a 1024 bit RSA key, it is believed that IDEA encryption is still
stronger, and, since a chain is no stronger than its weakest link, it
is believed that RSA is actually the weakest part of the RSA - IDEA
approach. Second, RSA encryption is MUCH slower than IDEA. The only
purpose of RSA in most public key schemes is for the transfer of
session keys to be used in the conventional secret key algorithm, or
to encode signatures.

 

Continue to:

• prev: 3.18. Can I use PGP under a "swapping" operating system like Windows or OS/2?
• Index
• next: 3.20. Aren't all of these security procedures a little paranoid? (PGP)

Share and Enjoy

Tags

security, PGP, Pretty Good Privacy, encryption, NSA, RSA, crack, glossary, signature, signing, verifying, keys, passphrase, hash, cryptography