Cryptographic Key Length Recommendation

In most cryptographic functions, the key length is an important security parameter. Both academic and private organizations provide recommendations and mathematical formulas to approximate the minimum key size requirement for security. Despite the availability of these publications, choosing an appropriate key size to protect your system from attacks remains a headache as you need to read and understand all these papers. This web site implements mathematical formulas and summarizes reports from well-known organizations allowing you to quickly evaluate the minimum security requirements for your system. You can also easily compare all these techniques and find the appropriate key length for your desired level of protection.

The lengths provided here are designed to resist mathematic attacks; they do not take algorithmic attacks, hardware flaws, etc. into account.
1Choose a method
This paper [7] describes mathematical formulas resolving the minimal security length of asymmetric keys knowing the level of security wanted, that is the size of the symmetric key to protect.
2   Enter basic parameter
You can enter the level of security (symmetric key) and see the corresponding key lengths to protect your system or you can enter a key/group size and see its level of security.
3 Click here to see options
4
© 2008 Keylength.com - v 17.10 - November 19, 2007
Author: Damien Giry
Approved by Prof. Jean-Jacques Quisquater
Contact:
Surveys of laws and regulations on cryptology: Crypto Law Survey / Digital Signature Law Survey.
Bibliography[1] Selecting Cryptographic Key Sizes, Arjen K. Lenstra and Eric R. Verheul, PKC2000: p. 446-465, 01/2000.
[2] Handbook of Information Security, Arjen K. Lenstra, 06/2004.
[3] Yearly Report on Algorithms and Keysizes (2006), D.SPA.21 Rev. 1.1, IST-2002-507932 ECRYPT, 01/2007.
[4] Recommendation for Key Management, Special Publication 800-57 Part 1, NIST, 03/2007.
[5] Mécanismes cryptographiques - Règles et recommandations "standards", Rev. 1.10, DCSSI , 12/2006.
[6] Fact Sheet Suite B Cryptography, NSA, 02/2005.
[7] Determining Strengths for Public Keys Used for Exchanging Symmetric Keys, RFC 3766, H. Orman and P. Hoffman, 04/2004.
[8] Algorithms for Qualified Electronic Signatures, BNetzA, BSI, 02/2007 updated with BSI Draft, 07/2007.
Privacy Policy (P3P)  |  Disclaimer / Copyright  |  Release Notes