
I would like to know if it is a good idea to use a 16384-bit key length for the OpenVPN CA on pfSense, and the main differences between this, an 8192-bit and a 4096-bit key. Which is the best of these?

1 Answer


It depends on what computational power you want to be protected against. For most use cases, 16384 bits likely doesn't make any sense today; much shorter keys are secure for the foreseeable future, and are more efficient.

For example, GnuPG advises even against 4096 bit keys, stating 2048 is enough, but for example SSLLabs requires a 4096 bit key for maximum score.

NIST says a 2048 bit key is equivalent to a 112 bit symmetric key (116.8 in reality, see this), which would be sufficient for most applications.

Also longer keys are a lot more resource intensive, see comparisons here. Considering signing operations for example, using a 4096 bit key instead of 2048 bits reduces the signature rate to almost a tenth.

What will have a great impact is quantum computing, but we don't have that working yet (for this application), and against such an attack, likely none of these key lengths will be effective.

Also, key length is just one aspect: if your systems, applications or data ever get compromised, it is very unlikely that the cause will be a 4096-bit key being used instead of a 16384-bit one.

Gabor Lengyel
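The two trade-offs the answer makes (security strength grows slowly with RSA modulus size, while the cost of private-key operations grows quickly) can be put into numbers. The block below is an added example, not code from the question, the answer, pfSense or OpenVPN. It uses the GNFS-based strength formula from NIST's FIPS 140-2 Implementation Guidance 7.5, which is more conservative than the 116.8-bit figure quoted above (it gives about 110 bits for 2048), and it times a plain modular exponentiation with a random full-size exponent and modulus as a stand-in for a non-CRT RSA signature; that timing model and the random inputs are assumptions made here, not real key generation.

```python
"""Symmetric-equivalent strength of RSA moduli and relative private-key cost.

Added example; not part of the original question or answer.
Strength formula: NIST FIPS 140-2 IG 7.5,
  strength = (1.923 * (n ln 2)^(1/3) * (ln(n ln 2))^(2/3) - 4.69) / ln 2
Timing: one pow(m, d, n) with a random odd modulus and random exponent of the
key size (constructed input), assumed to track the cost of an RSA private-key
operation without CRT. It is a rough model, not a benchmark of OpenVPN.
"""
import math
import secrets
import time


def rsa_strength_bits(modulus_bits: int) -> float:
    """Estimated symmetric-equivalent security of an RSA modulus (GNFS model)."""
    x = modulus_bits * math.log(2)
    return (1.923 * x ** (1 / 3) * math.log(x) ** (2 / 3) - 4.69) / math.log(2)


def strength_table(sizes=(2048, 3072, 4096, 8192, 16384)) -> dict:
    """Map each modulus size to its strength estimate, rounded to 0.1 bit."""
    return {n: round(rsa_strength_bits(n), 1) for n in sizes}


def marginal_gain(sizes=(2048, 4096, 8192, 16384)) -> dict:
    """Extra security bits bought by each doubling of the modulus.

    Each doubling costs roughly 8x in private-key work (cubic growth) but
    buys only a few dozen bits of estimated strength."""
    return {b: round(rsa_strength_bits(b) - rsa_strength_bits(a), 1)
            for a, b in zip(sizes, sizes[1:])}


def private_op_seconds(modulus_bits: int, rounds: int = 3) -> float:
    """Best-of-N wall time for one full-size modular exponentiation.

    Constructed input: n is a random odd number with its top bit set, d a
    random exponent of the same size, m a random message smaller than n.
    This is only a cost proxy for an RSA private-key operation."""
    n = secrets.randbits(modulus_bits) | (1 << (modulus_bits - 1)) | 1
    d = secrets.randbits(modulus_bits) | (1 << (modulus_bits - 1))
    m = secrets.randbits(modulus_bits - 1)  # strictly less than n
    best = float("inf")
    for _ in range(rounds):
        t0 = time.perf_counter()
        pow(m, d, n)
        best = min(best, time.perf_counter() - t0)
    return best


if __name__ == "__main__":
    for bits, strength in strength_table().items():
        print(f"RSA-{bits:<5} ~ {strength:6.1f}-bit symmetric strength")
    for bits, gain in marginal_gain().items():
        print(f"doubling to {bits:<5} buys +{gain} bits")
    base = private_op_seconds(2048)
    for bits in (2048, 4096, 8192, 16384):
        t = private_op_seconds(bits, rounds=1)
        print(f"RSA-{bits:<5} private op ~{t * 1000:8.1f} ms "
              f"({t / base:5.1f}x the 2048-bit cost)")
```

Running it shows the shape of the trade-off the answer describes: the strength estimate climbs from roughly 110 bits (2048) to about 150 (4096), 200 (8192) and 270 (16384), while each doubling multiplies the private-key operation time by close to an order of magnitude. For an OpenVPN CA the key is used for certificate signing, which is rare, so the cost matters mostly on the server and client handshakes; the marginal strength beyond 4096 bits buys little against classical attacks and nothing against a large quantum computer.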