DSA and OpenSSH: It’s Legacy, But Still Great

In 1976, Marty Hellman sat at his desk and drafted a method that used discrete logs, and which allowed a shared encryption key to be created between Bob and Alice. With this, Bob generated a random value of b, and Alice of a, Bob computes B=g^b (mod p) and Alice computes A=g^a (mod p). They exchange values, and then end up with the same key:

The Diffie-Hellman method was thus created around the usage of discrete logarithms. Soon Rivest, Shamir and Adleman followed this work with the RSA encryption method.

So could we create encryption with discrete logs? Well, it was Tahir ElGamal who solved this with the ElGamal encryption method. And could it be used for signatures? Well the DSA (Digital Signature Algorithm) stepped forward.

DSA

The Digital Signature Algorithm (DSA) is a standard defined in Federal Information Processing Standard (as FIPS 186) for digital signatures and is based on discrete logarithms. It was outlined by NIST in 1991, and proposed within the Digital Signature Standard (DSS). This was then standardized with FIPS 186 in 1994, and FIPS 186–4 in 2013. Within FIPS 186–5, it is defined that DSA should not be…