# Ev Kontsevoy - Comparing SSH Keys - RSA, DSA, ECDSA, or EdDSA (Highlights)

![rw-book-cover|256](https://readwise-assets.s3.amazonaws.com/static/images/article0.00998d930354.png)

## Metadata

**Cover**:: https://readwise-assets.s3.amazonaws.com/static/images/article0.00998d930354.png
**Source**:: #from/readwise
**Zettel**:: #zettel/fleeting
**Status**:: #x
**Authors**:: [[Ev Kontsevoy]]
**Full Title**:: Comparing SSH Keys - RSA, DSA, ECDSA, or EdDSA?
**Category**:: #articles #readwise/articles
**Category Icon**:: 📰
**URL**:: [goteleport.com](https://goteleport.com/blog/comparing-ssh-keys/)
**Host**:: [[goteleport.com]]
**Highlighted**:: [[2021-08-01]]
**Created**:: [[2022-09-26]]

## Highlights

- As of 2020, the most widely adopted algorithms are RSA, DSA, ECDSA, and EdDSA, but it is RSA and EdDSA that provide the best security and performance.
- To learn more, read this article, How to SSH Properly. #rl https://goteleport.com/blog/how-to-ssh-properly/
- What makes asymmetric encryption powerful is that a private key can be used to derive a paired public key, but not the other way around.

### RSA: Integer Factorization

### DSA: Discrete Logarithm Problem & Modular Exponentiation

### ECDSA & EdDSA: Elliptic Curve Discrete Logarithm Problem

### Comparing Encryption Algorithms

- DSA requires the use of a randomly generated unpredictable and secret value that, if discovered, can reveal the private key.
- ECDSA relies on the same level of randomness as DSA, so the only gain is speed and length, not security.
- Instead of relying on a random number for the nonce value, EdDSA generates a nonce deterministically as a hash making it collision resistant.
- Ed25519 is the fastest performing algorithm across all metrics. As with ECDSA, public keys are twice the length of the desired bit security.
- When it comes down to it, the choice is between RSA 2048/4096 and Ed25519 and the trade-off is between performance and compatibility.
- EdDSA performs much faster and provides the same level of security with significantly smaller keys.
- The cryptographic strength of the signature just needs to withstand the current, state-of-the-art attacks.
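
An added example, not from the article or from Teleport: a stdlib-only audit of `authorized_keys`-style lines that reports each key's type and RSA modulus size, following the "RSA 2048/4096 or Ed25519" choice in the highlights. The verdict labels, the 2048-bit floor, and the helper names are assumptions, and the sample keys are constructed placeholders, not real keys.

```python
import base64
import struct

MIN_RSA_BITS = 2048  # assumed policy floor, from the "RSA 2048/4096" highlight
VERDICTS = {"ssh-ed25519": "ok", "ssh-dss": "replace-dsa"}  # assumed labels

def _read_string(blob, off):
    """Read one RFC 4251 length-prefixed string; return (bytes, new offset)."""
    (n,) = struct.unpack_from(">I", blob, off)
    end = off + 4 + n
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[off + 4:end], end

def classify(line):
    """Return (key_type, rsa_bits_or_None, verdict) for one key line."""
    fields = line.split()
    for i in range(len(fields) - 1):
        ktype = fields[i]
        try:
            blob = base64.b64decode(fields[i + 1], validate=True)
            inner, off = _read_string(blob, 0)
            if inner != ktype.encode():
                continue  # type named in the blob must match the text field
            if ktype == "ssh-rsa":
                _e, off = _read_string(blob, off)  # public exponent
                n, off = _read_string(blob, off)   # modulus (mpint)
                bits = int.from_bytes(n, "big").bit_length()
                return ktype, bits, "ok" if bits >= MIN_RSA_BITS else "weak-rsa"
        except (ValueError, struct.error):
            continue  # options field, comment, or truncated blob
        if ktype.startswith("ecdsa-sha2-"):
            return ktype, None, "review-ecdsa"
        return ktype, None, VERDICTS.get(ktype, "unknown-type")
    return None, None, "unparsed"

def make_line(ktype, *parts, prefix=""):
    """Build a constructed key line for the demo (not a usable key)."""
    blob = b"".join(struct.pack(">I", len(p)) + p for p in (ktype.encode(), *parts))
    return f"{prefix}{ktype} {base64.b64encode(blob).decode()} constructed@example"

def rsa_line(bits):
    n = (1 << (bits - 1)) | 1  # placeholder modulus of the right size only
    return make_line("ssh-rsa", b"\x01\x00\x01", n.to_bytes(bits // 8 + 1, "big"))

SAMPLE = [rsa_line(1024), rsa_line(4096), make_line("ssh-dss", b"\x00"),
          make_line("ssh-ed25519", bytes(32), prefix='command="uptime" ')]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(classify(entry))
```
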