In a move to bolster security measures, Microsoft has announced that it will soon cease recognizing TLS certificates for server authentication with RSA keys shorter than 2048 bits as valid. This decision underscores Microsoft’s commitment to enhancing cybersecurity standards and ensuring the safety of its users.
This decision has been over a decade in the making: internet standards bodies and regulators stopped permitting 1024-bit RSA keys as early as 2013, and recommendations to use RSA keys of at least 2048 bits have been in place for years. Microsoft cites the National Institute of Standards and Technology (NIST), a leading standards organization in the United States, whose guidance on cryptographic key lengths reaches the same conclusion.
The crux of Microsoft’s announcement is clear: all RSA certificates used for TLS server authentication must have a key length of 2048 bits or more to be considered valid by Windows. There are exceptions. TLS certificates issued by enterprise or test certification authorities (CAs) are not directly affected by this change. Nevertheless, Microsoft encourages these entities to adopt RSA keys of 2048 bits or more as a security best practice.
This change is paramount to maintaining the security of Windows users who rely on TLS certificates for authentication. By raising the minimum key length, Microsoft aims to remove a known weak point and safeguard sensitive data exchanged over TLS connections.
Interestingly, the Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany’s Federal Office for Information Security, recently mandated a minimum key length of 3000 bits for TLS certificates with RSA keys, effective from the beginning of the year. While the BSI initially accepted 2048-bit RSA keys, it has since begun transitioning to longer keys in response to evolving security standards.
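As an added example, not code from Microsoft, the BSI or this article, the following Python audits a certificate's RSA key length against the 2048-bit Windows minimum described above, or the stricter 3000-bit BSI figure, using only the standard library: it finds the rsaEncryption SubjectPublicKeyInfo in the DER, reads the modulus INTEGER and compares its bit length with the threshold. The function names (`rsa_modulus_bits`, `check_rsa_key`, `sample_spki`) are this example's own, and the SubjectPublicKeyInfo it tests against is constructed in the block rather than taken from a real certificate.

```python
import ssl

# DER encoding of OID 1.2.840.113549.1.1.1 (rsaEncryption): tag 0x06, length 9
RSA_ENCRYPTION_OID = bytes.fromhex("06092a864886f70d010101")

def _read_tlv(der: bytes, pos: int):
    """Read one DER TLV at pos; return (tag, value_start, value_end)."""
    tag, length, pos = der[pos], der[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(der[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def rsa_modulus_bits(der: bytes):
    """Modulus size in bits of the rsaEncryption key in a DER certificate or bare SPKI; None if not RSA."""
    idx = der.find(RSA_ENCRYPTION_OID)
    if idx < 0:
        return None
    _, _, pos = _read_tlv(der, idx)            # OID rsaEncryption
    _, _, pos = _read_tlv(der, pos)            # NULL parameters
    tag, start, _ = _read_tlv(der, pos)        # BIT STRING wrapping RSAPublicKey
    if tag != 0x03:
        return None
    _, pos, _ = _read_tlv(der, start + 1)      # skip unused-bits octet, enter SEQUENCE
    _, start, end = _read_tlv(der, pos)        # INTEGER modulus n (may carry a leading 0x00)
    return int.from_bytes(der[start:end], "big").bit_length()

def check_rsa_key(cert, minimum_bits: int = 2048):
    """Verdict for PEM text or DER bytes: 2048 = Windows rule, 3000 = BSI requirement."""
    der = ssl.PEM_cert_to_DER_cert(cert) if isinstance(cert, str) else cert
    bits = rsa_modulus_bits(der)
    if bits is None:
        return None, "not-rsa"
    return bits, "ok" if bits >= minimum_bits else "too-short"

# --- constructed sample input (synthetic modulus, not a real certificate) ---
def _tlv(tag: int, body: bytes) -> bytes:
    """DER TLV; long-form length once the body reaches 128 bytes."""
    ln = len(body).to_bytes((len(body).bit_length() + 7) // 8 or 1, "big")
    hdr = ln if len(body) < 0x80 else bytes([0x80 | len(ln)]) + ln
    return bytes([tag]) + hdr + body

def sample_spki(bits: int) -> bytes:
    """SubjectPublicKeyInfo whose modulus has exactly `bits` bits (top and low bit set)."""
    n = ((1 << (bits - 1)) | 1).to_bytes((bits + 7) // 8, "big")
    n = (b"\x00" if n[0] & 0x80 else b"") + n  # DER INTEGER must stay positive
    rsa_pub = _tlv(0x30, _tlv(0x02, n) + _tlv(0x02, b"\x01\x00\x01"))
    alg = _tlv(0x30, RSA_ENCRYPTION_OID + b"\x05\x00")
    return _tlv(0x30, alg + _tlv(0x03, b"\x00" + rsa_pub))
```

For a real certificate file, pass its PEM text (or DER bytes) to `check_rsa_key`; a 1024-bit key comes back as `(1024, "too-short")` under the default threshold.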
Looking ahead, NIST has proposed an updated draft that rates RSA keys of 2048 bits as sufficiently secure for signatures until the year 2030. This underscores the importance of proactively adapting to emerging cybersecurity threats and maintaining robust encryption standards.
In conclusion, Microsoft’s decision to enforce stricter security measures for TLS certificates with RSA keys underscores the company’s dedication to safeguarding user data and ensuring the integrity of cryptographic communications. By raising the bar for minimum key lengths, Microsoft takes a proactive stance in addressing evolving cybersecurity challenges and upholding industry best practices.