1024-bit RSA keys for Windows will soon be no more

Microsoft is deprecating 1024-bit RSA keys

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Certificates with RSA keys shorter than 2048 will soon no longer be supported by Windows,Microsofthas announced.

“This deprecation focuses on ensuring that all RSA certificates used for TLS server authentication must have key lengths greater than or equal to 2048 bits to be considered valid by Windows,” the software giant said in the announcement, part of its latest “Deprecated features for Windows client” list.

RSA keys are an essential part of the Rivest-Shamir-Adleman (RSA)encryptionalgorithm, a widely used tool for secure communication over the internet. The longer the keys, the stronger they are.

Old network-attached storage in trouble

The older, 1024-bit keys have roughly 80 bits of strength, while the new ones have 112 bits, which makes them four billion times longer,BleepingComputerexplains. These keys should be safe until 2030, at least.

“Internet standards and regulatory bodies disallowed the use of 1024-bit keys in 2013, recommending specifically that RSA keys should have a key length of 2048 bits or longer,” Microsoft explained.

Companies using older software and hardware could run into trouble, as these tools will probably no longer work.

Microsoft did not give a hard date on when the older keys will no longer be valid, but it is safe to assume that the transition will be somewhat slower and will allow organizations to adapt and replace older software and hardware. In an effort to achieve a seamless transition, the company said TLS certificates issued by enterprise or test certification authorities will not be affected.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“TLS certificates issued by enterprise or test certification authorities (CA) aren’t impacted with this change," Microsoft said. “However, we recommend that they be updated to RSA keys greater than or equal to 2048 bits as a security best practice. This change is necessary to preserve security of Windows customers using certificates for authentication and cryptographic purposes.”

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

This super-cheap HP Victus 15 gaming laptop just dropped to its lowest price yet