[openssl-users] Openssl software failure for RSA 16K modulus
Erwann.Abalea at docusign.com
Thu Jul 21 12:31:56 UTC 2016
> Le 21 juil. 2016 à 14:17, Salz, Rich <rsalz at akamai.com> a écrit :
>> We have to make trade-offs. Who uses a 16K RSA key?
> Let me add some clarification. Is it worth putting every application that uses OpenSSL at risk for a DoS attack with a 16K RSA key?
By raising the limit, you don’t suddenly put every application at risk of a DoS, because these applications won’t suddenly use a 16k RSA key.
Anyway, OpenSSL 1.0.2+ now sets some limits on message sizes (defensive); some tradeoffs have to be made on those limits. According to some sources (NIST and ECRYPT II), 16k RSA provides an equivalent security level to a 512-bit ECC key.
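As an added illustration of the kind of size limit the thread is arguing about (example code, not from the thread or from OpenSSL): a stdlib-only parser for a DER RSAPublicKey that rejects an oversized modulus before any big-number arithmetic is attempted. The default cap of 16384 bits mirrors OpenSSL's OPENSSL_RSA_MAX_MODULUS_BITS; the function names, the `max_modulus_bits` parameter and the sample keys are this example's own.

```python
# RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }
# Assumed default: 16384 bits, the value of OpenSSL's OPENSSL_RSA_MAX_MODULUS_BITS.
DEFAULT_MAX_MODULUS_BITS = 16384


def _read_tlv(buf, pos):
    """Read one DER tag/length/value starting at `pos`; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                                   # long-form length
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length


def parse_rsa_public_key(der, max_modulus_bits=DEFAULT_MAX_MODULUS_BITS):
    """Return (n, e), or raise ValueError if malformed or the modulus exceeds the cap."""
    tag, body, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag_n, n_bytes, pos = _read_tlv(body, 0)
    tag_e, e_bytes, _ = _read_tlv(body, pos)
    if tag_n != 0x02 or tag_e != 0x02:
        raise ValueError("expected two INTEGERs")
    # Cheap pre-check on the encoded length (one extra byte allowed for the DER sign byte)
    # so a multi-megabyte modulus is refused before it is even turned into an int.
    if len(n_bytes) > max_modulus_bits // 8 + 1:
        raise ValueError("modulus encoding too long")
    n = int.from_bytes(n_bytes, "big")
    if n.bit_length() > max_modulus_bits:               # exact check
        raise ValueError(f"modulus of {n.bit_length()} bits exceeds {max_modulus_bits}")
    return n, int.from_bytes(e_bytes, "big")


def _der_len(n):
    """DER length octets for lengths up to 65535."""
    return bytes([n]) if n < 0x80 else (b"\x81" + bytes([n]) if n < 0x100 else b"\x82" + n.to_bytes(2, "big"))


def _der_int(value):
    """DER INTEGER for a non-negative value; the byte count always leaves the top bit clear."""
    raw = value.to_bytes((value.bit_length() + 8) // 8, "big")
    return b"\x02" + _der_len(len(raw)) + raw


def encode_rsa_public_key(n, e):
    """Encode constructed sample keys so the parser can be exercised offline."""
    body = _der_int(n) + _der_int(e)
    return b"\x30" + _der_len(len(body)) + body
```

Running `parse_rsa_public_key(encode_rsa_public_key((1 << 16384) | 1, 65537))` raises ValueError for the 16385-bit modulus, while a 16384-bit one is accepted under the default cap.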