Security tip #2: key lengths

In cryptography a key length refers to the digital size of the ‘key’ used to unlock the encryption algorithm. Over time the length of these keys has increased from DES’ modest 64 bit (really 56 bit) key size all the way to the new AES specified key lengths of 128 and 256 bit keys. Each bit increase in in the algorithm doubles the potential number of keys available to use, thus usually making it harder for an adversary to guess the right key.

A common question people come up against is what key size should I use? Luckily I found a website the other day that explores just this. It takes recommendations from the world’s foremost crypto experts and from cryptography conferences to present an estimation of an appropriate key length to use. What’s more they even compare symmetric key lengths, like AES, to asymmetric key lengths, like public key cryptography such as RSA, so you could see just how large of a key size you need to achieve relative security.

For simplicity I have included below the recommendations from various sources released in 2009. All of them are for the highest level of security suggested, so that might be a little overkill for every day use.

Source Symmetric Asymmetric Elliptic Curve Hash
ECRYPT II 256 15424 512 512
NSA Suite B Fact Sheet 256 N/A 384 384
BSI N/A 1976 224 224-512

Note: The asymmetric numbers listed here are to show how large an asymmetric key should be to get equivalent security to a symmetric key. However this is not how most asymmetric keys are used. Instead they are used just to encrypt a symmetric key which does all of the work, the so called hybrid approach, because symmetric algorithms are much, much faster. As such most of these sources also make it a point to mention that an El Gamal or RSA key should actually be about 2048+ bit in size for a decent trade-off.

As you can see even among the experts the numbers vary quite a bit. To me this just proves that no one really knows how much security you need. The best you can do is decide on a decent trade-off between security and performance for your purposes. Nevertheless it is still interesting to see what the experts have to say when it comes to choosing a key length.