Most of cryptographic systems require a sufficient key size to be robust against brute-force attacks.
NIST recommendations will be checked:
| Use / Algorithm | DSA | RSA | ECDSA | DH | MQV | ECDH | ECMQV | Block Cipher | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Digital Signature Generation | p ≥ 2048 AND q ≥ 224 | n ≥ 2048 | See table below | x | x | x | x | x |
Digital Signature Verification | p ≥ 2048 AND q ≥ 224 | n ≥ 2048 | See table below | x | x | x | x | x |
Key Agreement | x | x | x | p ≥ 2048 AND q ≥ 224 | p ≥ 2048 AND q ≥ 224 | See table below | See table below | x |
Encryption and Decryption | x | x | x | x | x | x | x | AES-128, 192, 256 This rule will not raise issues for ciphers that are considered weak (no matter the key size) like DES, Blowfish.h3. Notation * DSA ([Digital Signature Algorithm |
https://en.wikipedia.org/wiki/Digital_Signature_Algorithm]): p is key length and q the modulus length* EC ([Elliptic-curve |
https://en.wikipedia.org/wiki/Elliptic-curve_cryptography]) |
EC parameters | EB | EC | ED | EE | ||||||
| Length of n | 224-255 | 256-383 | 384-511 | 512+ |
Maximum bit length of cofactor h | 14 | 16 | 24 |
KeyPairGenerator keyPairGen1 = KeyPairGenerator.getInstance("RSA");
keyPairGen1.initialize(1024); // Noncompliant
KeyPairGenerator keyPairGen5 = KeyPairGenerator.getInstance("EC");
ECGenParameterSpec ecSpec1 = new ECGenParameterSpec("secp112r1"); // Noncompliant
keyPairGen5.initialize(ecSpec1);
KeyGenerator keyGen1 = KeyGenerator.getInstance("AES");
keyGen1.init(64); // Noncompliant
KeyPairGenerator keyPairGen6 = KeyPairGenerator.getInstance("RSA");
keyPairGen6.initialize(2048); // Compliant
KeyPairGenerator keyPairGen5 = KeyPairGenerator.getInstance("EC");
ECGenParameterSpec ecSpec10 = new ECGenParameterSpec("secp224k1"); // compliant
keyPairGen5.initialize(ecSpec10);
KeyGenerator keyGen2 = KeyGenerator.getInstance("AES");
keyGen2.init(128); // Compliant