The problem here is, that the time to actually process keys of this length is not suitable for low-powered devices, while the actual gained security strength does not raise proportionally: A key length of 1024 bit for an asymmetrical key (which we use for SSH) only has a “real” strength of 80 bit based on symmetrical methods. One could argument, that simply using longer key lengths would solve this problem, so let’s generate new keys with a length of 8192 bit. Therefore, do not generate new keys shorter than 4096 bit characters! 1
Since 2013 the ENISA ( European Union Agency for Cybersecurity) recommends the usage of keys with a length of 2048 bit for short-term security only. However, advancing 40 years, keys are no longer really secure if they are less than 1024 bit long. Computers were slow, and it might take several decades until RSA would be rendered insecure by cracking the algorithm. Invented back in 1977, RSA seemed to be the best solution to generate secure keys. Why RSA might not serve you well for the next decades
If you are not interested in the why, but in the how, you may jump directly to the third headline. Those keys are mostly generated by using the RSA algorithm, which was and still is the standard for generating the cryptographic keys. At least I haven’t heard of anybody typing his username and password into the terminal while pushing the latest commits to the remote repository. As a developer, the chances are pretty high that you have your own SSH keys to connect to servers, and be it only the server hosting the git repository.
0 kommentar(er)
