Crypto guidelines for Fedora
Till Maas
opensource at till.name
Sat Dec 21 08:38:21 UTC 2013
Hi,

I recently noticed that several packages in Fedora create RSA keys with
inappropriate key sizes:

dnssec-trigger creates RSA 1536 keys with a certificate that is valid for
20 years:
https://bugzilla.redhat.com/show_bug.cgi?id=1045689

dropbear-keygen creates by default RSA 1024 keys:
https://bugzilla.redhat.com/show_bug.cgi?id=1039311

Some other observations:

ssh-keygen on F19 creates RSA 2048 keys by default

ENISA recommends at least RSA 3072 keys:
http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report
If e.g. AES-256 is used, RSA 15360 is recommended for long-term usage.

Therefore I would like to propose a packaging guideline about which
minimum key size software in Fedora should generate by default. It seems
to me that requiring RSA 3072 keys by default in Fedora is a good initial
compromise. I did not notice RSA keys with more than 4096 bits
regularly, therefore I am not sure whether using RSA 15360 keys by
default is a good idea.

What is your opinion?

Regards
Till
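
An added example, not part of the original message or of any Fedora package: a check of OpenSSH public key lines against the 3072-bit minimum proposed above, reading the modulus size directly from the key blob. The function names and the sample keys (placeholder moduli at the sizes mentioned in the message, not usable keys) are constructed for illustration.

```python
import base64
import struct

MIN_RSA_BITS = 3072  # minimum proposed in the message above

def read_string(blob, pos):
    """Read one SSH wire 'string': 4-byte big-endian length, then the data."""
    if pos + 4 > len(blob):
        raise ValueError("truncated length field")
    end = pos + 4 + struct.unpack(">I", blob[pos:pos + 4])[0]
    if end > len(blob):
        raise ValueError("truncated field")
    return blob[pos + 4:end], end

def rsa_bits(line):
    """Modulus size in bits of an 'ssh-rsa <base64> [comment]' line; None for other key types."""
    fields = line.split()
    if len(fields) < 2 or fields[0] != "ssh-rsa":
        return None
    blob = base64.b64decode(fields[1], validate=True)
    key_type, pos = read_string(blob, 0)
    if key_type != b"ssh-rsa":
        raise ValueError("key type inside the blob does not match the line prefix")
    _exponent, pos = read_string(blob, pos)
    modulus, pos = read_string(blob, pos)
    return int.from_bytes(modulus, "big").bit_length()

def audit(lines, minimum=MIN_RSA_BITS):
    """Return (comment, bits) for every RSA key shorter than `minimum`."""
    weak = []
    for line in lines:
        bits = rsa_bits(line)
        if bits is not None and bits < minimum:
            weak.append((" ".join(line.split()[2:]), bits))
    return weak

def constructed_key(bits, comment):
    """Constructed sample input: a well-formed ssh-rsa line around a placeholder
    modulus of the given size (not a usable key)."""
    def mpint(n):  # big-endian, with a leading 0x00 when the top bit is set
        raw = n.to_bytes(n.bit_length() // 8 + 1, "big")
        return struct.pack(">I", len(raw)) + raw
    blob = struct.pack(">I", 7) + b"ssh-rsa" + mpint(65537) + mpint((1 << (bits - 1)) | 1)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " " + comment

SAMPLE = [constructed_key(b, f"host-{b}") for b in (1024, 1536, 2048, 3072, 4096)]

if __name__ == "__main__":
    for comment, bits in audit(SAMPLE):
        print(f"{comment}: RSA {bits} is below the {MIN_RSA_BITS}-bit minimum")
```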