Rapid7 Vulnerability & Exploit Database

Weak Cryptographic Key

Severity: 3
CVSS: (AV:A/AC:H/Au:N/C:P/I:P/A:N)
Published: 01/01/2005
Created: 07/25/2018
Added: 10/24/2011
Modified: 11/27/2018

Description

The key length used by a cryptographic algorithm determines the highest security it can offer. Newly discovered theoretical attacks and hardware advances constantly erode this security level over time. Taking this into account, as of 2011, governmental, academic, and private organizations that provide guidance on cryptographic security, such as the National Institute of Standards and Technology (NIST) and the European Network of Excellence in Cryptology II (ECRYPT II), make the following general recommendations for short- to medium-term security against even the most well-funded attackers (e.g. intelligence agencies):

  • Symmetric key lengths of at least 80-112 bits.
  • Elliptic curve key lengths of at least 160-224 bits.
  • RSA key lengths of at least 1248-2048 bits. In particular, the CA/Browser Forum Extended Validation (EV) Guidelines require a minimum key length of 2048 bits. Also, current research shows that factoring a 1024-bit RSA modulus is within practical reach.
  • DSA key lengths of at least 2048 bits.

Additionally, starting in 2014, the Certificate Authority/Browser Forum has mandated that 1024-bit RSA keys no longer be supported for SSL certificates or code signing.
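As an added example (not part of the Rapid7 entry), a stdlib-only Python check that reads the modulus length out of a DER-encoded PKCS#1 RSAPublicKey and grades it against the floors listed above. The floor values, the helper names and the sample keys are this example's own choices; the sample moduli are constructed for their length only and are not real RSA keys.

```python
# Minimum key lengths in bits, taken from the stronger end of each range in the
# description above; the RSA floor is 2048 because the CA/Browser Forum EV
# guidelines require it and 1024-bit moduli are within practical factoring reach.
MIN_BITS = {"symmetric": 112, "ec": 224, "rsa": 2048, "dsa": 2048}

def der_read(buf, pos=0):
    """Decode one DER TLV at buf[pos]; return (tag, content, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low bits = length-byte count
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def rsa_modulus_bits(der):
    """Bit length of n in RSAPublicKey ::= SEQUENCE { n INTEGER, e INTEGER }."""
    tag, body, _ = der_read(der)
    if tag != 0x30:
        raise ValueError("not a SEQUENCE")
    tag, n_bytes, _ = der_read(body)
    if tag != 0x02:
        raise ValueError("modulus is not an INTEGER")
    # DER prefixes a positive INTEGER whose top bit is set with 0x00; int()
    # ignores that pad byte, so bit_length() is the true modulus size.
    return int.from_bytes(n_bytes, "big").bit_length()

def is_weak(algorithm, bits):
    """True when the key is below the floor for its algorithm family."""
    return bits < MIN_BITS[algorithm]

# --- constructed sample keys (hypothetical moduli; only their length matters) ---
def der_tlv(tag, body):
    if len(body) < 0x80:
        return bytes([tag, len(body)]) + body
    lb = len(body).to_bytes((len(body).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body

def der_int(value):
    # (bit_length + 8) // 8 leaves room for the sign pad byte when needed
    return der_tlv(0x02, value.to_bytes((value.bit_length() + 8) // 8, "big"))

def sample_rsa_key(bits):
    n = (1 << (bits - 1)) | 1               # exactly `bits` long and odd
    return der_tlv(0x30, der_int(n) + der_int(65537))

if __name__ == "__main__":
    for bits in (1024, 2048):
        found = rsa_modulus_bits(sample_rsa_key(bits))
        print(f"RSA-{found}: {'WEAK' if is_weak('rsa', found) else 'ok'}")
```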

Solution(s)

  • use-stronger-key
