If you renew keys yearly 1024 is probably fine. Next year you might go for 2048 depending on the state of prime number factoring available.
The section "Integer factorization and RSA problem" covers this topic: http://en.wikipedia.org/wiki/RSA On Wed, Mar 17, 2010 at 3:32 AM, Yoichiro Tanaka <[email protected]>wrote: > Hi Jacky, > > We found the following sources: > > > http://csrc.nist.gov/publications/drafts/800-131/draft-800-131_transition-paper.pdf > See Table 6 in the section "6 Key Agreement and Key Transport Using RSA". > > > http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf > See Table4 in the section "5.6.2 Defining Appropriate Algorithm Suites". > > Of course, these documents was written about the system for > "government". However, it can be referred and applied to social > networking services and so on, I guess... > > Thanks, > -Yoichiro > > > On Wed, Mar 17, 2010 at 6:02 PM, Jacky Wang (王超) <[email protected]> > wrote: > > Hi Yoichiro, > > > > As mentioned in your mail that "... this length is short and dangerous. I > > think that we should use 2048 bit." Could you share with us the source > as > > well? > > > > Thanks, > > Jacky > > > > On Wed, Mar 17, 2010 at 4:56 PM, Yoichiro Tanaka <[email protected] > >wrote: > > > >> Hi there, > >> > >> I'm in charge of mixi platform supported OpenSocial in Japan. Our > >> platform has already been elapsed one year. Therefore, a signed > >> request has been supporting at this platform, and the key for signing > >> will be expired next month. > >> > >> When I generated the key, the modulus length of the key was 1024 bit. > >> But, I heard recently that this length is short and dangerous. I think > >> that we should use 2048 bit. However, if we use this length and sign > >> each requests, I'm afraid that some libraries for OAuth can't use the > >> key and can't validate the request... > >> > >> The bit length doesn't depend on the process of OAuth libs, right? > >> And, if you are in any containers, how much long is the key length you > >> are using? > >> > >> Thanks, > >> -Yoichiro (mixi, Inc.) > >> > > > > > > > > -- > > Best Regards, > > > > Jacky Wang > > (Office) +86-10-6250-3316 > > (Mobile) +86-1381-0018-677 > > Kejian Building, Tsinghua Science Park Building 6 > > No.1 Zhongguancun East Road, Haidian District > > Beijing P.R.China 100084 > > > > > > -- > Yoichiro Tanaka > Email: [email protected] > Blog: http://www.eisbahn.jp/yoichiro >
