Comparison of the SSH Key Algorithms

How far the main algorithms are, cryptologically speaking, from each other ?

https://xkcd.com/927/

DSA vs RSA vs ECDSA vs Ed25519

For years now, advances have been made in solving the complex problem of the DSA, and it is now mathematically broken, especially with a standard key length. Moreover, the attack may be possible to extend to RSA as well.

Moore Law

How long do you want to be protected ?

ECRYPT provides rather conservative guiding principles, based on current state-of-the-art research, addressing the construction of new systems with a long life cycle.

Legacy standard level

Should not be used in new systems

Near term protection

Security for at least ten years (2018–2028)

Long-term protection

Security for thirty to fifty years (2018–2068)

Conclusion

Never use DSA or ECDSA.

  • Ed25519 is probably the strongest mathematically (and also the fastest), but not yet widely supported. At least 256 bits long.
  • RSA is the best bet if you can’t use Ed25519. At least 3072 bits long.

Why not use SSH Certificate ?

In addition, you can use an SSH Certificate to be much more secure. With this method, you don’t have to worry about the algorithm, but you will have to sign your public key regularly.

If you enjoyed this story, please recommend and share to help others find it! Feel free to leave a comment below.

Nicolas Béguier

--

--

https://beguier.eu/nicolas/

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store