ABSTRACT

An otherwise strong encryption algorithm is vulnerable to brute force attack when a small key size is used.

EXPLANATION

Current cryptography guidelines suggest that key lengths of at least 1024 bits should be used with the RSA algorithm. However, increased computing power and advances in factoring techniques[1] are challenging the security of 1024-bit RSA encryption.

Example 1: The following code generates a 512-bit RSA key.

...
// Legacy Mozilla-specific API (window.crypto.generateCRMFRequest); the key
// size is the sixth argument.
crmfObject = crypto.generateCRMFRequest(
    "CN=" + name.value,      // requested distinguished name
    password.value,          // registration token
    authenticator,           // authenticator string
    keyTransportCert,        // key escrow (transport) certificate
    "setCRMFRequest();",     // script to run when key generation finishes
    512,                     // key size in bits: far too small for RSA
    null,                    // key parameters (none needed for RSA)
    "rsa-dual-use");         // key generation algorithm
...

For symmetric encryption, key lengths should be at least 128 bits.

REFERENCES

[1] J. Cheng, "307-digit key crack endangers 1024-bit RSA," Ars Technica, 2007.

[2] Standards Mapping - OWASP Top 10 2010 (OWASP 2010): A7 Insecure Cryptographic Storage

[3] Standards Mapping - OWASP Top 10 2007 (OWASP 2007): A8 Insecure Cryptographic Storage

[4] Standards Mapping - OWASP Top 10 2004 (OWASP 2004): A8 Insecure Storage

[5] Standards Mapping - Security Technical Implementation Guide Version 3 (STIG 3): APP3150.1 CAT II

[6] B. Chess and J. West, Secure Programming with Static Analysis. Boston, MA: Addison-Wesley, 2007.

[7] NIST, "Cryptographic Algorithms and Key Sizes for Personal Identity Verification," Special Publication 800-78.

[8] Standards Mapping - Common Weakness Enumeration (CWE): CWE ID 310

[9] Standards Mapping - Web Application Security Consortium 24 + 2 (WASC 24 + 2): Information Leakage

[10] Standards Mapping - FIPS200 (FISMA): MP

[11] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 (PCI 1.2): Requirement 3.6.1, Requirement 6.3.1.3, Requirement 6.5.8

[12] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 (PCI 2.0): Requirement 3.6.1, Requirement 6.5.3

[13] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 (PCI 1.1): Requirement 3.6.1, Requirement 6.5.8