In most cryptographic functions, the key length is an important security parameter. Both academic and private organizations provide recommendations and mathematical formulas to approximate the minimum key size requirement for security. Despite the availability of these publications, choosing an appropriate key size to protect your system from attacks remains a headache as you need to read and understand all these papers.

This web site implements mathematical formulas and summarizes reports from well-known organizations allowing you to quickly evaluate the minimum security requirements for your system. You can also easily compare all these techniques and find the appropriate key length for your desired level of protection. The lengths provided here are designed to resist mathematic attacks; they do not take algorithmic attacks, hardware flaws, etc. into account.

Please enable JavaScript to fully utilize this website (Privacy Policy)

This is the recommendations from the French Network and Information Security Agency (ANSSI) [5] that contribute to the definition and the expression of the French government policy concerning information systems security.

Date

Symmetric

Factoring Modulus

Discrete Logarithm

Key

Group

Elliptic Curve

GF(p)^{ }

GF(2^{n})

Hash

2014 - 2020

100

2048

200

2048

200

200

200

2021 - 2030

128

2048

200

2048

256

256

256

> 2030

128

3072

200

3072

256

256

256

All key sizes are provided in bits. These are the minimal sizes for security. Click on a value to compare it with other methods.

Remarks and recommended algorithms for symmetric schemes:

128-bit is the recommended symmetric size.

64-bit is the minimal bloc length for bloc ciphers (128-bit recommended and mandatory after 2020).

It is counseled to use bloc ciphers instead of stream ciphers.