All the articles I read on the web about DSA keep telling me that the size of the hash needs to be truncated so that the bit length is equal to or lesser than the bit length of the prime number of the field.
For example, Wikipedia says:
- Choose an approved cryptographic hash function H. [...] The hash output may be truncated to the size of a key pair.
- Choose an N-bit prime q. N must be less than or equal to the hash output length.
But why exactly do we need this? What's wrong with using a 256-bit hash with a 160-bit prime?
I tried looking on the web, but I keep getting results that explain me how to truncate the hash, not why.