rspec/rules/S4426/description.adoc

2020-06-30 12:49:37 +02:00
Most cryptographic systems require a sufficient key size to be robust against brute-force attacks.
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf[NIST recommendations] will be checked for these use-cases:

*Digital Signature Generation* and *Verification:*

* p ≥ 2048 AND q ≥ 224 for DSA (<code>p</code> is key length and <code>q</code> the modulus length)
* n ≥ 2048 for RSA (<code>n</code> is the key length)

*Key Agreement*:

* p ≥ 2048 AND q ≥ 224 for DH and MQV
* n ≥ 224 for ECDH and ECMQV (Examples: <code>secp192r1</code> is a non-compliant curve (<code>n</code> < 224) but <code>secp224k1</code> is compliant (<code>n</code> >= 224))

*Encryption and Decryption*:

* AES-128, 192, 256

This rule will not raise issues for ciphers that are considered weak (no matter the key size) like <code>DES</code>, <code>Blowfish</code>.
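The following is an added example, not part of the rule description and not SonarSource's checker implementation. It encodes the thresholds listed above as a small Python checker and runs it over a constructed list of parameter sets (the site labels, the <code>curve_bits</code> name parser and the <code>check_key_size</code>/<code>audit</code> helpers are this example's own assumptions). It also shows the two behaviours a practitioner should expect from such a rule: both DSA/DH bounds must hold at once, and weak ciphers such as DES or Blowfish are deliberately left alone.

```python
import re
from typing import Any, Dict, List, Optional, Tuple

# Thresholds as listed in the rule description (NIST SP 800-131A rev2 use cases).
MIN_RSA_N = 2048                    # RSA: n >= 2048
MIN_DSA_P, MIN_DSA_Q = 2048, 224    # DSA: p >= 2048 AND q >= 224
MIN_DH_P, MIN_DH_Q = 2048, 224      # DH / MQV: p >= 2048 AND q >= 224
MIN_EC_N = 224                      # ECDH / ECMQV: n >= 224
AES_KEY_SIZES = {128, 192, 256}     # AES-128, 192, 256
# Ciphers the rule ignores whatever the key size (they are weak by design).
WEAK_CIPHERS = {"DES", "BLOWFISH"}

_CURVE_BITS = re.compile(r"(\d{3})")


def curve_bits(curve: str) -> Optional[int]:
    """Bit length of a named curve, read from its name.

    Assumption (example's own): SEC/NIST style names carry the size,
    e.g. secp192r1 -> 192, secp224k1 -> 224, prime256v1 -> 256.
    Names without a three-digit size yield None.
    """
    m = _CURVE_BITS.search(curve)
    return int(m.group(1)) if m else None


def check_key_size(algorithm: str, **params: Any) -> Optional[str]:
    """Return an issue message when the parameters break the rule, else None."""
    alg = algorithm.upper()
    if alg in WEAK_CIPHERS:
        return None  # weak cipher: out of scope for this rule, no matter the size
    if alg == "RSA":
        n = params["n"]
        return None if n >= MIN_RSA_N else f"RSA: n={n} < {MIN_RSA_N}"
    if alg == "DSA":
        p, q = params["p"], params["q"]
        if p >= MIN_DSA_P and q >= MIN_DSA_Q:
            return None
        return f"DSA: need p >= {MIN_DSA_P} and q >= {MIN_DSA_Q}, got p={p}, q={q}"
    if alg in ("DH", "MQV"):
        p, q = params["p"], params["q"]
        if p >= MIN_DH_P and q >= MIN_DH_Q:
            return None
        return f"{alg}: need p >= {MIN_DH_P} and q >= {MIN_DH_Q}, got p={p}, q={q}"
    if alg in ("ECDH", "ECMQV"):
        curve = params["curve"]
        bits = curve_bits(curve)
        if bits is None:
            return f"{alg}: unknown curve {curve!r}, cannot determine n"
        return None if bits >= MIN_EC_N else f"{alg}: curve {curve} has n={bits} < {MIN_EC_N}"
    if alg == "AES":
        k = params["key_size"]
        return None if k in AES_KEY_SIZES else f"AES: key size {k} not in {sorted(AES_KEY_SIZES)}"
    return None  # algorithm not covered by the rule


# Constructed sample: (site label, algorithm, parameters) as a checker might
# extract them from call sites. Labels are illustrative, not real code locations.
SAMPLE_CALLS: List[Tuple[str, str, Dict[str, Any]]] = [
    ("rsa-1024", "RSA", {"n": 1024}),
    ("rsa-2048", "RSA", {"n": 2048}),
    ("dsa-2048-160", "DSA", {"p": 2048, "q": 160}),      # p ok, q too short
    ("dh-2048-224", "DH", {"p": 2048, "q": 224}),
    ("ecdh-secp192r1", "ECDH", {"curve": "secp192r1"}),  # n = 192 < 224
    ("ecdh-secp224k1", "ECDH", {"curve": "secp224k1"}),  # n = 224, compliant
    ("aes-64", "AES", {"key_size": 64}),
    ("des-56", "DES", {"key_size": 56}),                  # ignored by this rule
]


def audit(calls: List[Tuple[str, str, Dict[str, Any]]] = SAMPLE_CALLS) -> List[Tuple[str, str]]:
    """Run the check over each call site and collect (site, issue) pairs."""
    issues = []
    for site, alg, params in calls:
        msg = check_key_size(alg, **params)
        if msg is not None:
            issues.append((site, msg))
    return issues


if __name__ == "__main__":
    for site, msg in audit():
        print(f"{site}: {msg}")
```

Running the module flags four of the eight sample sites (the 1024-bit RSA key, the DSA parameters with a 160-bit q, the secp192r1 curve and the 64-bit AES key); the DES entry produces nothing, matching the rule's stated scope.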