OpenSSL certificates and key sizes
Chris Ball
cjb at mrao.cam.ac.uk
Fri Apr 14 16:22:16 EDT 2006
>> On Fri, 14 Apr 2006 15:29:34 -0400, John Abreau <jabr at blu.org> said:

> Are there any problems with making the keys, particularly the CA
> key, something like 4096 bits long? How about 8192 bits long?

Either is fine, but I personally find 8192 bits a little distasteful;
most CA keys are 4096 bits long, and have an expiry of around fifteen
years.

4096-bit keys have been conjectured "safe", against the best-known
algorithms, for 45 years[1]. So, it makes sense to take that, plan
for dramatic but conventional advances (since you can't plan for
unconventional ones) and set an expiry of a decade or two. I think
it makes less sense to go with an 8192-bit key and be attempting to
plan hundreds of years into the future.

(But IANACryptographer.)

Footnotes:
[1]: <http://www.win.tue.nl/~klenstra/key.pdf>, p.32.
--
Chris Ball <cjb at mrao.cam.ac.uk> <http://blog.printf.net/>
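
An added example, not part of the original message: one way to create a throwaway self-signed CA with the 4096-bit key and roughly fifteen-year expiry discussed above using the openssl command line, then read both values back from the certificate. The function names, the subject "Example Test CA" and the output file names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not code from the original post.
# Assumed names: make_ca, cert_key_bits, cert_outlives_days, ca.key, ca.crt.

# make_ca DIR BITS DAYS
# Generate an RSA key of BITS bits and a self-signed certificate valid for
# DAYS days, written to DIR/ca.key and DIR/ca.crt.
make_ca() {
    dir=$1 bits=$2 days=$3
    mkdir -p "$dir" || return 1
    (
        umask 077   # key file readable by its owner only
        # -nodes leaves the key unencrypted: acceptable for a throwaway
        # demo, but a real CA key should be passphrase-protected or kept
        # offline.
        openssl req -x509 -newkey "rsa:$bits" -sha256 -nodes \
            -days "$days" -subj "/CN=Example Test CA" \
            -keyout "$dir/ca.key" -out "$dir/ca.crt" 2>/dev/null
    )
}

# cert_key_bits CERT
# Print the public key size in bits as recorded in the certificate.
cert_key_bits() {
    openssl x509 -in "$1" -noout -text |
        sed -n 's/.*Public-Key: (\([0-9][0-9]*\) bit).*/\1/p'
}

# cert_outlives_days CERT DAYS
# Exit 0 if CERT will still be valid DAYS days from now, non-zero otherwise.
cert_outlives_days() {
    openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null
}
```

For the figures in the message, `make_ca ./demo-ca 4096 5475` gives a 4096-bit key with about fifteen years of validity (15 x 365 days); rerunning with 8192 makes the key-generation cost of the larger size visible.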