Algorithms and Key Lengths

Restriction: This topic applies only when the Enterprise Server feature is enabled.

Two things that your SSL software may let you choose are the algorithm and the key length to be used for encryption. One thing to consider in choosing is how easy the code will be to crack.

In general, for the same algorithm, the longer the key the harder the code is to break. This is simply because a would-be attacker can easily use a computer to try key after key until hitting on the right one. The longer the key, the longer it takes to generate all possible numbers of that length, looking for the right one. You need a key that is so long that even with the most powerful computers this would take an impracticably long time.

Of course, computers are constantly becoming more powerful. Therefore, the length of key considered necessary is constantly increasing as the years pass. A key length of 256 bits is generally considered adequate for reasonable security using a symmetric algorithm or elliptic curve cryptography. While with an other asymmetric algorithm 2048 bits is considered adequate. Although more bits are preferable.