What RSA key length should I use for my SSL certificates?


Problem description


I'm in the process of creating a CSR, and I wonder which is arguably the best length for my RSA key.

Of course, 384 is probably too weak, and 16384 is probably too slow.

Is there a consensus on the key length one should use, depending on the certificate lifetime?

Edit: Like most people, I want my key to be reasonably strong. I'm not concerned that the NSA could maybe break my key in 2019. I just want to know what's the best practice when one plans to do normal business (for example an e-commerce site).

Solution

This answer is a bit outdated. Be aware that it might not represent current best practice.

If you've kept up-to-date with the field, please consider improving this answer.


Bruce Schneier wrote back in 1999:

Longer key lengths are better, but only up to a point. AES [symmetric cypher] will have 128-bit, 192-bit, and 256-bit key lengths. This is far longer than needed for the foreseeable future. In fact, we cannot even imagine a world where 256-bit brute force searches are possible. It requires some fundamental breakthroughs in physics and our understanding of the universe. For public-key cryptography [asymmetric cyphers], 2048-bit keys have same sort of property; longer is meaningless.

Wikipedia writes:

RSA claims that 1024-bit [asymmetric] keys are likely to become crackable some time between 2006 and 2010 and that 2048-bit keys are sufficient until 2030. An RSA key length of 3072 bits should be used if security is required beyond 2030. NIST key management guidelines further suggest that 15360-bit [asymmetric] RSA keys are equivalent in strength to 256-bit symmetric keys.

RSA Laboratories writes (last changed in 2007 according to archive.org):

RSA Laboratories currently recommends [asymmetric] key sizes of 1024 bits for corporate use and 2048 bits for extremely valuable keys like the root key pair used by a certifying authority

It would be nice if someone who knows more could answer why there's this difference.
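
The equivalences quoted in this answer (2048-bit RSA against 15360-bit RSA for 256-bit symmetric strength) can be approximated from the running-time heuristic of the general number field sieve, the best known classical factoring method. The following is an added example, not part of the original answer; the function names and the 4.69 calibration offset are assumptions of this sketch, and the output is an estimate rather than the published table values.

```python
import math

# Leading constant of the GNFS running-time heuristic, (64/9)^(1/3) ~ 1.923.
GNFS_CONSTANT = (64 / 9) ** (1 / 3)
# Assumed calibration offset in natural-log units; it anchors 1024 bits near 80.
CALIBRATION = 4.69


def estimated_strength(modulus_bits: int) -> float:
    """Approximate symmetric-equivalent strength, in bits, of an RSA modulus."""
    if modulus_bits < 512:
        raise ValueError("heuristic is not meaningful for very small moduli")
    ln_n = modulus_bits * math.log(2)  # natural log of the modulus
    work = GNFS_CONSTANT * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3)
    return (work - CALIBRATION) / math.log(2)  # convert e-based work to bits


def smallest_modulus_for(target_bits: float, step: int = 256,
                         limit: int = 32768) -> int:
    """Smallest modulus size (multiple of `step`) reaching the target strength."""
    size = 512
    while size <= limit:
        if estimated_strength(size) >= target_bits:
            return size
        size += step
    raise ValueError("target strength not reachable below the size limit")


def report(sizes=(1024, 2048, 3072, 4096, 7680, 15360)) -> dict:
    """Map each modulus size to its estimated strength, rounded to 0.1 bit."""
    return {bits: round(estimated_strength(bits), 1) for bits in sizes}


if __name__ == "__main__":
    for bits, strength in report().items():
        print(f"RSA-{bits:<6} ~ {strength:6.1f}-bit symmetric strength")
    print("smallest size for 128-bit strength:", smallest_modulus_for(128))
```

The estimate grows far more slowly than the modulus size: doubling from 2048 to 4096 bits adds only a few tens of bits of strength, which is why very long RSA keys cost a lot of CPU time for little gain.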
