Microsoft has announced that RSA keys shorter than 2048 bits will soon be deprecated in Windows Transport Layer Security (TLS) to provide increased security.
Rivest–Shamir–Adleman (RSA) is an asymmetric cryptography system that uses pairs of public and private keys to encrypt data, with the strength directly related to the length of the key. The longer these keys, the harder they are to crack.
1024-bit RSA keys have approximately 80 bits of strength, while the 2048-bit key has approximately 112 bits, making the latter four billion times longer to factor. Experts in the field consider 2048-bit keys safe until at least 2030.
RSA keys are used in Windows for several purposes, including server authentication, data encryption, and ensuring the integrity of communications.
Microsoft’s decision to move the minimum requirement for RSA keys to 2048 bits or longer for certificates used in TLS server authentication is important to protect organizations from weak encryption.
Source: bleepingcomputer.com
