When using RSA for digital signatures, and passing encryption session keys or similar keys, a modulus of at least 2048 bits is used, preferably 3072 bits.
Topic
Using Rivest-Shamir-Adleman
Applicable to
Official, Protected
History
Priority
must
Mar 2022
When using RSA for digital signatures, and passing encryption session keys or similar keys, a modulus of at least 2048 bits is used, preferably 3072 bits.
While existing recommendations for the use of ASD-Approved Cryptographic Algorithms to protect OFFICIAL through to PROTECTED data addressed minimum key lengths, they didn’t address recommended key lengths.
Dec 2020
When using RSA for digital signatures, and passing encryption session keys or similar keys, a modulus of at least 2048 bits is used.
Security control 0476 was amended to remove references to a modulus of 1024 bits.
Nov 2020
When using RSA for digital signatures, and passing encryption session keys or similar keys, a modulus of at least 1024 bits, preferably 2048 bits, is used.
2015
Agencies using RSA, both for the approved use of digital signatures and passing encryptionsession keys or similar keys, must use a modulus of at least 1024 bits.
2010
Agencies using RSA, for the approved use of digital signatures and passing encryption session keys orsimilar keys, must use a modulus of at least 1024 bits.
2008
Agencies using RSA, for the approved use of digital signatures and passing encryption session keys or similar keys, must use a modulus of at least 1024 bits.