GSA / piv-guides

This is the old location for the PIV Playbook. New location below.
https://playbooks.idmanagement.gov/piv/

3072 and 4096 key sizes #48

Closed lachellel closed 7 years ago

lachellel commented 8 years ago

@grandamp

From the intermediates found by crawling the Federal PKI through the Federal Bridge Certificate Authority, I identified four (4) intermediates with 3072-bit key pairs and five (5) with 4096-bit key pairs.

 4                 Public-Key: (3072 bit) 
 5                 Public-Key: (4096 bit)

A few questions:

grandamp commented 8 years ago

I am only aware of one library thus far (Entrust Java Toolkit) that has a problem if the key is RSA, and the key size (bits) is not 1024, 2048, or 3096.

I.e., if the toolkit is operating in a FIPS-validated mode of operation, it will have a problem validating all PKI artifacts (CRL/Cert/OCSP) signed with RSA 4096-bit keys.
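The crawl tally above and the size-restricted validator just described can be reproduced with the following added example, which is not code from this thread or from the GSA repository. It hand-parses DER with a minimal walker (no external library), assumes an accepted set of 1024, 2048 and 3072 bits (adjust to whatever the validator actually accepts), and builds constructed, unsigned skeleton certificates as sample input; the rsaEncryption OID is the standard 1.2.840.113549.1.1.1.

```python
from collections import Counter
RSA_OID = bytes.fromhex("2a864886f70d010101")   # 1.2.840.113549.1.1.1 rsaEncryption

def der(tag, body):
    """Minimal DER encoder (tag, length, body); only used to build the sample certs."""
    n = len(body)
    nb = 0 if n < 0x80 else (n.bit_length() + 7) // 8
    length = bytes([n]) if not nb else bytes([0x80 | nb]) + n.to_bytes(nb, "big")
    return bytes([tag]) + length + body

def der_int(value):                                    # extra byte keeps a high-bit modulus positive
    return der(0x02, value.to_bytes((value.bit_length() + 8) // 8, "big"))

def tlv(buf, pos=0):
    """Decode one TLV at buf[pos]; return (tag, body, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                                  # long-form length
        nb = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + nb], "big"), pos + nb
    return tag, buf[pos:pos + length], pos + length

def children(body):
    """Yield the (tag, body) pairs directly inside a SEQUENCE body."""
    pos = 0
    while pos < len(body):
        tag, val, pos = tlv(body, pos)
        yield tag, val

def rsa_key_bits(cert_der):
    """RSA modulus length in bits from a DER certificate, or None if not RSA."""
    tbs = next(children(tlv(cert_der)[1]))[1]          # tbsCertificate
    fields = [v for t, v in children(tbs) if t != 0xA0]  # drop [0] EXPLICIT version
    alg, bitstr = [v for _, v in children(fields[5])]  # subjectPublicKeyInfo
    if next(children(alg))[1] != RSA_OID:
        return None
    modulus = next(children(tlv(bitstr, 1)[1]))[1]     # skip the unused-bits byte
    return int.from_bytes(modulus, "big").bit_length()

def tally(certs, accepted=(1024, 2048, 3072)):
    """Count key sizes; list those outside the validator's accepted set."""
    sizes = Counter(rsa_key_bits(c) for c in certs)
    return sizes, sorted(s for s in sizes if s not in accepted)

def sample_cert(bits):
    """Constructed, unsigned skeleton certificate carrying an RSA key of `bits` bits."""
    modulus = (1 << (bits - 1)) | 1                    # odd and exactly `bits` long
    rsa_pub = der(0x30, der_int(modulus) + der_int(65537))
    alg_id = der(0x30, der(0x06, RSA_OID) + der(0x05, b""))
    spki = der(0x30, alg_id + der(0x03, b"\x00" + rsa_pub))
    # serial, sigAlg, then empty stand-ins for issuer/validity/subject, then SPKI
    tbs = der(0x30, der(0xA0, der_int(2)) + der_int(1) + alg_id + der(0x30, b"") * 3 + spki)
    return der(0x30, tbs + alg_id + der(0x03, b"\x00"))
```

On real data, feed `tally()` the DER bytes of the crawled intermediates (PEM files need base64-decoding first); the rejected list is what a validator limited to the accepted set would fail on.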

rt-smithee commented 8 years ago

Historically, equipment has tripped up on non-1024-multiple key sizes, so 3072 is a bit exciting. Note there is still stuff in the wild using 1024; I think we need to keep up the heat in reminding people that's too short a key now. HSMs and other devices may get fussy as you increase past 2048-bit keys. One would have to also confirm the gear is APL-listed if it uses bigger keys. (There are things on the FICAM APL today that use 1024; the process has its challenges...)

Remember also that you need Object Identifiers and stuff to use these larger key sizes...

weirdscience commented 7 years ago

Should this go under the FPKI guide?