When generating cryptographic keys (or key pairs), it is important to use strong parameters. Key length, for instance, should provides enough entropy against brute-force attacks.
- For RSA and DSA algorithms key size should be at least 2048 bits long
- For ECC (elliptic curve cryptography) algorithms key size should be at least 224 bits long
- For RSA public key exponent should be at least 65537.
This rule raises an issue when an RSA, DSA or ECC key-pair generator is initialized using weak parameters.
It supports the following libraries: