1024-bit RSA keys for Windows will soon be no more – TechRadar

admin on March 20, 2024 Leave a Comment

Certificates with RSA keys shorter than 2048 will soon no longer be supported by Windows, Microsoft has announced.

This deprecation focuses on ensuring that all RSA certificates used for TLS server authentication must have key lengths greater than or equal to 2048 bits to be considered valid by Windows, the software giant said in the announcement, part of its latest Deprecated features for Windows client list.

RSA keys are an essential part of the Rivest-Shamir-Adleman (RSA) encryption algorithm, a widely used tool for secure communication over the internet. The longer the keys, the stronger they are.

The older, 1024-bit keys have roughly 80 bits of strength, while the new ones have 112 bits, which makes them four billion times longer, BleepingComputer explains. These keys should be safe until 2030, at least.

Internet standards and regulatory bodies disallowed the use of 1024-bit keys in 2013, recommending specifically that RSA keys should have a key length of 2048 bits or longer, Microsoft explained.

Companies using older software and hardware could run into trouble, as these tools will probably no longer work.

Microsoft did not give a hard date on when the older keys will no longer be valid, but it is safe to assume that the transition will be somewhat slower and will allow organizations to adapt and replace older software and hardware. In an effort to achieve a seamless transition, the company said TLS certificates issued by enterprise or test certification authorities will not be affected.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

TLS certificates issued by enterprise or test certification authorities (CA) aren't impacted with this change," Microsoft said. "However, we recommend that they be updated to RSA keys greater than or equal to 2048 bits as a security best practice. This change is necessary to preserve security of Windows customers using certificates for authentication and cryptographic purposes.

Follow this link:
1024-bit RSA keys for Windows will soon be no more - TechRadar

Related Posts
Posted in Encryption

Comments are closed.