Most of cryptographic systems require a sufficient key size to be robust against brute-force attacks.
NIST recommendations will be checked for these
use-cases:
Digital Signature Generation and Verification:
- p ≥ 2048 AND q ≥ 224 for DSA (
p
is key length and q
the modulus length)
- n ≥ 2048 for RSA (
n
is the key length)
Key Agreement:
- p ≥ 2048 AND q ≥ 224 for DH and MQV
- n ≥ 224 for ECDH and ECMQV (Examples:
secp192r1
is a non-compliant curve (n
< 224) but secp224k1
is
compliant (n
>= 224))
Symmetric keys:
This rule will not raise issues for ciphers that are considered weak (no matter the key size) like DES
, Blowfish
.
Noncompliant Code Example
$config = array(
"digest_alg" => "sha512",
"private_key_bits" => 1024, // Noncompliant
"private_key_type" => OPENSSL_KEYTYPE_RSA,
);
$res = openssl_pkey_new($config);
Compliant Solution
$config = array(
"digest_alg" => "sha512",
"private_key_bits" => 2048 // Compliant
"private_key_type" => OPENSSL_KEYTYPE_RSA,
);
$res = openssl_pkey_new($config);
See