[openssl-users] Openssl software failure for RSA 16K modulus
rsalz at akamai.com
Thu Jul 21 12:15:15 UTC 2016
> Largest accepted client key exchange message length seems to be set to 2048 bytes.
> Key exchange for an RSA16k is slightly larger than that (exactly 2048 bytes of pure crypto payload, plus a few bytes of overhead).
> OpenSSL is too conservative here.
Why not use an ECC key?
We have to make trade-offs. Who uses a 16K RSA key?
More information about the openssl-users