Previous Topic Next topic Print topic


Algorithms and Key Lengths

Restriction: This topic applies only when the Enterprise Server feature is enabled.

Two things that your SSL software may let you choose are the algorithm and the key length to be used for encryption. One thing to consider in choosing is how easy the code will be to crack.

In general, for the same algorithm, the longer the key the harder the code is to break. This is simply because a would-be attacker can easily use a computer to try key after key until hitting on the right one. The longer the key, the longer it takes to generate all possible numbers of that length, looking for the right one. You need a key that is so long that even with the most powerful computers this would take an impracticably long time.

Of course, computers are constantly becoming more powerful. Therefore, the length of key considered necessary is constantly increasing as the years pass. At the time of writing (early 2005), a key length of 128 bits is generally considered adequate for reasonable security using a symmetric algorithm, while with an asymmetric algorithm 2048 bits is considered adequate.

Previous Topic Next topic Print topic