Mikal Villa | | Comments

RSA key strength and math

TL;DR Since time is a factor here, \(2048\) bit is probably fine for most systems and users as long as it is replaced often, like let's encrypt does with it's ninety-day lifetimes. However for an CA I wouldn't use less than \(4096\) bit keys, and probably \(8192\) bit keys if they where to live longer than ~2030 maybe. Update: There are algorithms with sub-exponential running time for factoring integers,