OpenSSL "gendsa 10240" - Generate DSA Long Keys

Q

How to generate a new DSA key pair with a longer key size using OpenSSL "gendsa" command?

✍: FYIcenter.com

A

If you need a new DSA key pair with a longer key size for testing purpose, you can use the OpenSSL "gendsa" command as shown below:

C:\Users\fyicenter>time
The current time is: 20:06:19.66

C:\Users\fyicenter>\local\openssl\openssl dsaparam -out my_dsa_long.key -genkey 10240
Generating DSA parameters, 10240 bit long prime
This could take some time
..........+.........+++++++++++++++++++++++++++++++++++++++++++++++++++*
............+.......+.....+..........................+......+............+...
.......................................+.....................+...............
...

C:\Users\fyicenter>time
The current time is: 20:25:04.75

What this test tells us:

  • OpenSSL allows you to generate longer DSA keys. But it will take a longer time. A 10240-bit DSA key pair took about 19 minutes to generate on a laptop computer.

 

OpenSSL "gendsa -des" - DES Encrypt DSA Keys

OpenSSL "dsaparam 512" - Generate DSA Short Keys

OpenSSL "gendsa" and "dsa" Commands

⇑⇑ OpenSSL Tutorials

2016-12-24, 714👍, 0💬