For a list of comparable key lengths for various algorithms, see Table 2 on page 63 of http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf

Bill

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz
Sent: October 6, 2007 9:20 PM
To: openssl-users@openssl.org
Subject: RE: What's the strongest encryption available

> So when generating a key, how do I determine the size?
>
> If the bits parameter in RSA_generate_key function equals 128,
> does this mean
> I have created a 128 bit key?
>
> RSA_generate_key(bits,RSA_F4,NULL,NULL);

Note that a 128-bit RSA key would be completely worthless. 512 bits is the recommended minimum for casual use, 1,024 for commercial use, and 2,048 for high-security applications.

In general, you cannot compare directly the number of bits in one algorithm with the number of bits in another. As a rule of thumb, a 1,024-bit RSA key could be considered roughly comparable to an 80-bit AES/3DES key. Typical commercial web applications today use 2,048-bit RSA keys and 128-bit or 256-bit AES/RC4 keys.

DS
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
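
The point in the message above that RSA bits and symmetric-key bits are not directly comparable can be made concrete. This is an added example, not part of the original thread: it estimates the symmetric-equivalent strength of an RSA modulus from the cost of factoring it with the number field sieve, using the formula given in the FIPS 140-2 Implementation Guidance (IG 7.5). The function names are hypothetical, and the estimate is asymptotic, so it is only indicative for very small moduli.

```python
import math

def rsa_strength_bits(modulus_bits: int) -> float:
    """Estimate the symmetric-equivalent strength (in bits) of an RSA modulus.

    Based on the number field sieve running time, in the form used by
    FIPS 140-2 IG 7.5: (1.923 * cbrt(ln n) * cbrt((ln ln n)^2) - 4.69) / ln 2.
    """
    if modulus_bits < 16:
        raise ValueError("modulus too small for the estimate to be defined")
    ln_n = modulus_bits * math.log(2)  # natural log of a modulus of this size
    work = 1.923 * ln_n ** (1 / 3) * math.log(ln_n) ** (2 / 3) - 4.69
    return work / math.log(2)

def min_rsa_bits(target_strength: float, hi: int = 65536) -> int:
    """Smallest modulus size whose estimated strength reaches the target."""
    lo = 16
    if rsa_strength_bits(hi) < target_strength:
        raise ValueError("target strength is out of range for this search")
    # The estimate increases with modulus size, so binary search is valid.
    while lo < hi:
        mid = (lo + hi) // 2
        if rsa_strength_bits(mid) >= target_strength:
            hi = mid
        else:
            lo = mid + 1
    return lo

def report(sizes):
    """Return (modulus_bits, estimated_strength) pairs, strength to 0.1 bit."""
    return [(bits, round(rsa_strength_bits(bits), 1)) for bits in sizes]

if __name__ == "__main__":
    # Sizes mentioned in the thread, plus 3072 for comparison.
    for bits, strength in report([128, 512, 1024, 2048, 3072]):
        print(f"RSA-{bits:<5} ~ {strength:5.1f}-bit symmetric key")
    for target in (80, 112, 128):
        print(f"{target}-bit strength needs about {min_rsa_bits(target)}-bit RSA")
```

For 1,024 bits the estimate comes out at about 80, in line with the rule of thumb in the message, while for the 128-bit key from the question it is under 30.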