Using RSA Securely in 2022
canopic jug writes:
A blogger with the handle "Soatok" has written about considerations in safely using RSA. His first recommendation is not to use RSA at all any more. Failing that, if you must use RSA, he has various recommendations to mitigate the problems that using RSA entails.
Every RSA keypair must be represented as all of the following:
RSA Secret Key (sk)RSA Public Key (pk)
- Operation (sign or decrypt)
- Mode (padding or KEM-DEM)
- Hash function (signatures, MGF1)
- Modulus size
- Public exponent
- Operation (encrypt or verify)
- Mode (padding, etc.)
- Hash function (signatures, MGF1)
- Modulus size
- Public exponent
Any time you change any of these configuration parameters, it MUST be used with a new asymmetric key-pair. The new key MUST NOT be used with the same raw key bytes as any previous key.
Elliptic Curve Cryptography (ECC) is apparently easier to work with, but both will be susceptible to cracking with quantum computers some day.
Previously:
(2019) Crown Sterling Demos 256-bit RSA Key-cracking at Private Event
(2016) Upgrade Your SSH Keys
(2015) 512-bit RSA Keys Cracked in Four Hours for only $75
(2014) NSA and RSA - Claims of More Evidence
Read more of this story at SoylentNews.