[openssl-users] Openssl software failure for RSA 16K modulus

Erwann Abalea Erwann.Abalea at docusign.com
Thu Jul 21 12:31:56 UTC 2016

> Le 21 juil. 2016 à 14:17, Salz, Rich <rsalz at akamai.com> a écrit :
>> We have to make trade-offs.  Who uses a 16K RSA key?
> Let me add some  clarification.  Is it worth putting every application that uses OpenSSL at risk for a DoS attack with a 16K RSA key?

By raising the limit, you don’t suddenly put every application at risk of a DoS, because these applications won’t suddenly use a 16k RSA key.
Anyway, OpenSSL 1.0.2+ now sets some limits on message sizes (defensive), some tradeoffs have to be done on those limits. According to some sources (NIST and ECRYPT II), 16k RSA provides an equivalent security level of a 512bits ECC key.

More information about the openssl-users mailing list