Microsoft has announced that RSA keys shorter than 2048 bits will soon be deprecated in Windows Transport Layer Security (TLS) to provide increased security.
Rivest-Shamir-Adleman (RSA) is an asymmetric encryption system that uses pairs of public and private keys to encrypt data, the strength of which directly depends on the length of the key. The longer these keys are, the harder they are to break.
1024-bit RSA keys are roughly equivalent in security to 80-bit symmetric keys, while a 2048-bit key is roughly equivalent to a 112-bit symmetric key. This makes its decomposition 4 billion times longer. Industry experts believe 2048-bit keys will be secure until at least 2030.
RSA keys are used in Windows for several purposes, including server authentication, data encryption, and communication integrity. Microsoft’s decision to change the minimum requirement for RSA keys to 2048 bits or larger for certificates used in TLS server authentication is important for protecting organizations against weak encryption.
This move is likely to affect organizations using legacy software and network devices such as printers that use 1024-bit RSA keys. Therefore, they will lose authentication capabilities on Windows servers.
Microsoft has not specified when Windows will end support for 1024-bit RSA keys. It is likely that the corporation will provide a transition period, as it did with the end of support for keys up to 1024 bits in 2012. During this grace period, Windows administrators can configure logging to determine which devices are trying to connect using the old keys and which will be affected by this change. At the same time, Microsoft strongly recommends that organizations move to RSA keys of 2048 bits or longer as soon as possible.
Source: bleepingcomputer
The competition of ITS authors is ongoing. Write an article about game development, gaming and gaming devices and win a professional Logitech G923 Racing Wheel or one of the low-profile Logitech G815 LIGHTSYNC RGB Mechanical Gaming Keyboard!