Certificate Key Lengths: Bigger is Better
As previously discussed, Microsoft issued a security advisory announcing that it will block RSA keys shorter than 1024 bits. The change ships as an update for supported versions of Windows (Windows 8 and Windows Server 2012 already include the behaviour), and, of course, the update has to be installed on a machine before the blocking takes effect there.
What is the impact to you? Possibly nothing. Keys of 1024 bits are themselves no longer recommended; 2048 bits is the current minimum. In fact, publicly trusted certificates with 1024-bit keys can no longer be issued with expiration dates later than December 31, 2013. So 1024-bit keys are also going the way of the dodo, a couple of years behind their smaller cousins.
However, if you do have key sizes smaller than 1024 bits in your environment, certificates using them will fail validation on Windows machines with this update applied, potentially breaking an application or causing an outage. And even if you don't apply the update on your application server, that doesn't mean you won't suffer: clients that have applied it (including browsers that rely on Windows for certificate validation) will refuse to connect to sites presenting small keys, effectively breaking your site anyway.
Microsoft recommends four methods of discovering small RSA key sizes in your environment:
- Check certificates and certification paths manually
- Use CAPI2 logging
- Check certificate templates
- Enable logging on computers that have the update installed
Here's another idea: use an automated certificate discovery tool to scan your hosts/ports and CAPI stores, build an inventory, and then set policy alerts that fire whenever a key size doesn't meet your policy.
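As an added example that is not part of the original post, Microsoft's advisory, or any product mentioned here, the script below does the minimal version of that inventory in PowerShell: it walks the local CAPI stores (the "check certificates manually" method, automated) and a list of TLS endpoints, measures each RSA key, and flags anything below the 1024-bit cutoff the update enforces or below an assumed 2048-bit internal policy. The policy threshold, the endpoint list, and the status labels are assumptions for illustration; it targets Windows PowerShell 3.0 or later with the Cert: provider.

```powershell
# Added example, not code from the original post or from Microsoft's advisory.
# Inventories RSA key sizes in the local CAPI stores and on a list of TLS
# endpoints, then flags keys below the 1024-bit cutoff the update enforces and
# below a (hypothetical) 2048-bit internal policy. Assumes Windows PowerShell 3.0+.

param(
    [int]$PolicyMinimumBits = 2048,                   # assumed policy value
    [string[]]$Endpoints = @('www.example.com:443')   # assumed targets; edit to taste
)

$RsaOid = '1.2.840.113549.1.1.1'   # id-rsaEncryption; the update only affects RSA keys

function Get-KeyStatus {
    param([int]$Bits)
    if ($Bits -lt 1024)               { return 'BLOCKED-BY-UPDATE' }
    if ($Bits -lt $PolicyMinimumBits) { return 'BELOW-POLICY' }
    return 'OK'
}

# 1. Local CAPI stores: every RSA certificate under LocalMachine and CurrentUser.
$local = Get-ChildItem -Path 'Cert:\LocalMachine', 'Cert:\CurrentUser' -Recurse -ErrorAction SilentlyContinue |
    Where-Object { -not $_.PSIsContainer -and $_.PublicKey.Oid.Value -eq $RsaOid } |
    ForEach-Object {
        $bits = $_.PublicKey.Key.KeySize
        [pscustomobject]@{
            Source     = $_.PSParentPath -replace '^.*::', ''   # e.g. LocalMachine\My
            Subject    = $_.Subject
            Thumbprint = $_.Thumbprint
            NotAfter   = $_.NotAfter
            KeyBits    = $bits
            Status     = Get-KeyStatus -Bits $bits
        }
    }

# 2. Remote TLS endpoints: fetch the leaf certificate without trusting the chain
#    (this is an inventory, not a trust decision), then measure its key.
function Get-RemoteLeafCertificate {
    param([string]$HostName, [int]$Port)
    $client = New-Object System.Net.Sockets.TcpClient($HostName, $Port)
    try {
        $acceptAll = [System.Net.Security.RemoteCertificateValidationCallback] { $true }
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $acceptAll)
        $ssl.AuthenticateAsClient($HostName)
        New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
    }
    finally { $client.Close() }
}

$remote = foreach ($ep in $Endpoints) {
    $hostName, $port = $ep -split ':'
    try {
        $cert = Get-RemoteLeafCertificate -HostName $hostName -Port ([int]$port)
        if ($cert.PublicKey.Oid.Value -ne $RsaOid) { continue }   # ECC/DSA are out of scope
        $bits = $cert.PublicKey.Key.KeySize
        [pscustomobject]@{
            Source     = "tls://$ep"
            Subject    = $cert.Subject
            Thumbprint = $cert.Thumbprint
            NotAfter   = $cert.NotAfter
            KeyBits    = $bits
            Status     = Get-KeyStatus -Bits $bits
        }
    }
    catch { Write-Warning "Could not inventory ${ep}: $_" }
}

# 3. Report everything that would break, or that violates policy, smallest keys first.
$inventory = @($local) + @($remote)
$inventory | Where-Object { $_.Status -ne 'OK' } | Sort-Object KeyBits | Format-Table -AutoSize
```

Run it on each server and on a representative client, and feed the output into whatever ticketing or alerting you already have; a full discovery product adds scheduling, remote store access and the alerting itself, but the data it collects is the same. If you also want the CAPI2 logging method from Microsoft's list, the operational log is enabled with `wevtutil sl Microsoft-Windows-CAPI2/Operational /e:true`, after which chain-validation failures on patched machines show up as events you can correlate against this inventory.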