2009年2月26日 · Fewer sites use RSA 4096-bit keys than 3072-bit keys, but usage is comparable. Extra. Beyond 3072 bits, NIST recommends 7680 and 15360 bits, with effective security strength of 192 and 256 bits, respectively. However, support for these large keys is rare in software and with CAs. RSA was first publicly described in 1977 and it's still strong ...

2014年8月12日 · Where do 4096 bit RSA keys for SSL certs currently stand in terms of things like CA support, browser support, etc? In the overall scheme of things is the increased security worth the risk of 4096 bit keys not having the widespread support and compatibility as 2048 bit keys do, not to mention the increased CPU load required to process the key ...

2013年3月30日 · Using 256-bit AES and 4096-bit RSA keys should be more than enough for the next decade, assuming the implementation is sound. Note that all of this is a simplification, as there are many caveats and details involved, and describing and RSA exchange as "encryption" isn't strictly correct, but all in all this should be a reasonable high-level ...

In the past I have always generated 2048-bit CSR requests, but this time it got me thinking that perhaps I should "step it up," and it seems like the next step would be a 4096-bit version. There isn't much info available on 4096-bit SSL certs - but apparently many people have been using 1024-bit certificates until they absolutely had to upgrade ...

2012年8月6日 · According to Lenstra's updated equations available on this site, the security level of a 4096 bit RSA key is matched by a cryptographic hash which is at least 248 bits long, for instance SHA-256. If you use RSA OAEP (and you should), the amount of data you can encrypt at most is therefore modulus size - 2 - 2*hash size , which is 446 bytes.

2018年8月14日 · Specifies the algorithm to be used for generating the keys. Algorithms available are - rsa, dsa, ecdsa-b (bits) Specifies the no. of bits for the key size. These were 1024, 2048 earlier. 2048 * 2 = 4096 is considered strong. Hence the recommended key size. 2048 bits is considered to be sufficient for RSA keys

2016年12月27日 · sign verify sign/s verify/s rsa 2048 bits 0.000891s 0.000049s 1122.1 20270.8 rsa 4096 bits 0.006737s 0.000174s 148.4 5741.9 I know the numbers are barely camparable. Nevertheless we are searching for the factor the calculationtime jumps by switching from 2048 to 4096. Hence, comparing the 'sing/s' of 2048 and 4096:

2013年6月17日 · The only claim of a variant of RSA that survives are some slides by Bernstein mentioning a 2^43 bit RSA key consisting of 2^31 primes with 4096 bits each. This is obviously ridiculously impractical. Concrete analysis suggests that RSA with 2^31 4096-bit primes provides > 2^100 security vs. all known quantum attacks. Key almost fits on a hard drive.

Both ECC and RSA can be factored in polynomial time if the quantum computer has enough (logical) qubits. If it has 6p qubits (for ECC) or 2p+3 qubits (for RSA), where p is the bit size of the algorithm, it can break it quickly. So 4096-bit RSA requires at least 8195 qubits, whereas 256-bit ECC requires 1536 qubits. –

2024年2月23日 · Therefore a much longer key length is needed to get an equivilent security level with RSA or prime-based DSA than with ECDSA. However this is taken account of in the key lengths that are practically used, there is no reason to believe that a 4096 bit RSA key will be broken any time soon, even 2048 bit is probably fine for a while.