RSA is less secure than DSA but authenticates faster.
なお、DSA形式の鍵は内部的な脆弱性があり、「偽の署名」を簡単に作成できてしまいます。そのためDSA形式の鍵を使用する場合は、もし攻撃を受けた場合に問題を最小限に抑えられるよう、サーバーごとに異なる鍵を利用することをおすすめします。
http://winscp.net/eng/docs/ui_puttygen
The WinSCP developers strongly recommend you use RSA. DSA has an intrinsic weakness which makes it very easy to create a signature which contains enough information to give away the private key! This would allow an attacker to pretend to be you for any number of future sessions. WinSCP’s implementation has taken very careful precautions to avoid this weakness, but we cannot be 100% certain we have managed it, and if you have the choice we strongly recommend using RSA keys instead.
http://the.earth.li/~sgtatham/putty/0.53b/htmldoc/AppendixA.html#A
A.7.3 How come PuTTY now supports DSA, when the website used to say how insecure it was?
DSA has a major weakness if badly implemented: it relies on a random number generator to far too great an extent. If the random number generator produces a number an attacker can predict, the DSA private key is exposed - meaning that the attacker can log in as you on all systems that accept that key.
The PuTTY policy changed because the developers were informed of ways to implement DSA which do not suffer nearly as badly from this weakness, and indeed which don't need to rely on random numbers at all. For this reason we now believe PuTTY's DSA implementation is probably OK. However, if you have the choice, we still recommend you use RSA instead.
めも、未検証
