Comparison of the SSH Key Algorithms

How far the main algorithms are, cryptologically speaking, from each other ?

https://xkcd.com/927/

DSA vs RSA vs ECDSA vs Ed25519

Moore Law

How long do you want to be protected ?

Legacy standard level

Near term protection

Long-term protection

Conclusion

Never use DSA or ECDSA.

  • Ed25519 is probably the strongest mathematically (and also the fastest), but not yet widely supported. At least 256 bits long.
  • RSA is the best bet if you can’t use Ed25519. At least 3072 bits long.

Why not use SSH Certificate ?

If you enjoyed this story, please recommend and share to help others find it! Feel free to leave a comment below.

--

--

--

https://beguier.eu/nicolas/

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Nicolas Béguier

Nicolas Béguier

https://beguier.eu/nicolas/

More from Medium

Hate YAML? Build your next tool with HCL!

Clear Linux Distro — Optimized for Performance and Security

Data Structure and Algorithm in RUST | Linked List