NIST Special Publication 800-57 Part 1 Revision 5 "Recommendation for Key Management" [1] estimates 2024-bit RSA keys as having 112 bits of security strength. At the same time keys with 112 bits of security strength are deemed acceptable only through 2030 and disallowed after that year.
Let's be safe and generate 3072-bit keys by default. These should have 128 bits of security strength and are allowed after 2030. Also, 1024-bit keys are estimated to have only 80 bits of security strength and are generally disallowed today. Let's not allow creation of such keys by default.

[1] https://doi.org/10.6028/NIST.SP.800-57pt1r5

Signed-off-by: Ilya Maximets <[email protected]>

--- NEWS | 1 + utilities/ovs-pki.in | 8 ++++---- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/NEWS b/NEWS index 115b18b8b..e422b876a 100644 --- a/NEWS +++ b/NEWS @@ -20,6 +20,7 @@ Post-v3.4.0 - "TLSv1-TLSv1.2" to enable all protocols between TLSv1 and TLSv1.2. - "TLSv1.2+" to enable protocol TLSv1.2 and later. The value must be a list of protocols or exactly one protocol range. + * ovs-pki now generates 3072-bit keys by default. - Userspace datapath: * The default zone limit, if set, is now inherited by any zone that does not have a specific value defined, rather than being diff --git a/utilities/ovs-pki.in b/utilities/ovs-pki.in index 69060b4ac..f1b101b0f 100755 --- a/utilities/ovs-pki.in +++ b/utilities/ovs-pki.in @@ -24,7 +24,7 @@ batch=no unique_name=no log='@LOGDIR@/ovs-pki.log' keytype=rsa -bits=2048 +bits=3072 # OS-specific compatibility routines case $(uname -s) in @@ -171,7 +171,7 @@ Each TYPE above is a certificate type: 'switch' (default) or 'controller'. Options for 'init', 'req', and 'req+sign' only: -k, --key=rsa|dsa Type of keys to use (default: rsa) - -B, --bits=NBITS Number of bits in keys (default: 2048). For DSA keys, + -B, --bits=NBITS Number of bits in keys (default: $bits). For DSA keys, this has an effect only on 'init'. -D, --dsaparam=FILE File with DSA parameters (DSA only) (default: dsaparam.pem within PKI directory) 
@@ -263,8 +263,8 @@ if test "$keytype" != rsa && test "$keytype" != dsa; then echo "$0: argument to -k or --key must be rsa or dsa" >&2 exit 1 fi -if test "$bits" -lt 1024; then - echo "$0: argument to -B or --bits must be at least 1024" >&2 +if test "$bits" -lt 2048; then + echo "$0: argument to -B or --bits must be at least 2048" >&2 exit 1 fi if test -z "$dsaparam"; then -- 2.47.0
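Review bot: the `bits=3072` hunk changes the default for DSA as well as RSA, since the help text states that -B affects DSA keys on 'init'. `ovs-pki init -k dsa` will therefore generate 3072-bit DSA parameters, which is markedly slower than 2048 and depends on the underlying crypto toolchain accepting that size; worth a sentence in the commit message or NEWS so DSA users are not surprised by the longer 'init'.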
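Review bot: in the usage-text hunk, `(default: $bits)` expands to the variable's current value, not the built-in default. If option parsing can assign `bits` before the help text is printed (e.g. `-B 4096` followed by `--help`), the help would report 4096 as the default. Either keep a literal `3072` in the help string or introduce a separate `default_bits=3072` that initialises `bits` and is referenced here.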
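Review bot: raising the floor from 1024 to 2048 in this hunk is a user-visible change beyond the new default: any existing script passing `-B 1024` now aborts with `argument to -B or --bits must be at least 2048`. The NEWS entry in this series only says that ovs-pki now generates 3072-bit keys by default; please also state that keys shorter than 2048 bits are now rejected, so operators with automation around the old minimum can plan for it.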
