[Openid-specs-fapi] Issue #683: EC keys minimum length? (openid/fapi)
Brian Campbell
issues-reply at bitbucket.org
Thu Mar 14 21:42:50 UTC 2024
New issue 683: EC keys minimum length?
https://bitbucket.org/openid/fapi/issues/683/ec-keys-minimum-length
Brian Campbell:
In [Sec 5.4. Cryptography and Secrets](https://openid.net/specs/fapi-2_0-security-profile-03.html#section-5.4) of the FAPI 2.0 Security Profile it says:
> Elliptic curve keys shall have a minimum length of 160 bits
Why 160 bits? The text above for JWTs has “ES256, or EdDSA (using the Ed25519 subtype)”, which are 256 bit. So JWT EC usage is already required to be more bits. Is this for TLS? Or something else/more? And shouldn’t it match up to the minimum strength of the minimum RSA key length? (Which AFAIK would be 224 for EC to be of similar bit strength to RSA 2048, which the internet tells me provides 112 bits of security.)
It’d be great if someone out there in FAPI land could explain this. And/or maybe the 160 bit number needs to be changed?
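The strength comparison behind the question (a 160-bit EC key versus a 2048-bit RSA key, and the 224-bit figure), worked through as an added example that is not part of the original post or of the FAPI specification. It takes the EC minimum of 160 bits from the quoted text and assumes the RSA minimum the post refers to is 2048 bits; the strength figures follow the NIST SP 800-57 approach (EC strength is about half the key size, RSA strength is the GNFS cost estimate rounded to the nearest standard level). The function names are hypothetical and the sample JWKs are constructed, not real keys.

```python
"""Security-strength check for JWK public keys against the FAPI 2.0 minimums
quoted in the thread (EC >= 160 bits, RSA >= 2048 bits).

Added example, not from the FAPI specification or the original post. Strength
figures follow NIST SP 800-57 Part 1: an EC key of k bits gives about k/2 bits
of security (generic discrete-log attacks cost ~2^(k/2)), and an RSA modulus is
rated with the GNFS cost estimate, rounded to the nearest standard level.
"""
import base64
import math

# Minimums as quoted in the thread from FAPI 2.0 Security Profile sec 5.4.
FAPI_MIN_EC_BITS = 160
FAPI_MIN_RSA_BITS = 2048  # assumption: the RSA minimum the post refers to

# Standard security-strength levels used by NIST SP 800-57 Part 1.
NIST_LEVELS = (80, 112, 128, 192, 256)

# JWA-registered curves and their key sizes in bits.
EC_CURVE_BITS = {"P-256": 256, "P-384": 384, "P-521": 521, "secp256k1": 256}
OKP_CURVE_BITS = {"Ed25519": 256, "Ed448": 456}


def gnfs_estimate(modulus_bits: int) -> float:
    """Raw GNFS security estimate for an RSA modulus (the NIST SP 800-57 /
    FIPS 140 IG formula). About 110 for 2048-bit and 132 for 3072-bit moduli."""
    n = modulus_bits * math.log(2)
    cost = 1.923 * n ** (1 / 3) * math.log(n) ** (2 / 3) - 4.69
    return cost / math.log(2)


def rsa_strength_bits(modulus_bits: int) -> int:
    """RSA strength as the NIST level nearest the GNFS estimate:
    1024 -> 80, 2048 -> 112, 3072 -> 128."""
    est = gnfs_estimate(modulus_bits)
    return min(NIST_LEVELS, key=lambda level: abs(level - est))


def ec_strength_bits(key_bits: int) -> int:
    """EC/EdDSA strength: half the key size (Pollard rho bound)."""
    return key_bits // 2


def min_ec_bits_for(strength: int) -> int:
    """Smallest EC key size whose strength reaches `strength` bits."""
    return 2 * strength


def _b64url_to_int(s: str) -> int:
    s += "=" * (-len(s) % 4)
    return int.from_bytes(base64.urlsafe_b64decode(s), "big")


def key_bits(jwk: dict) -> int:
    """Key size in bits of an RSA, EC or OKP JWK."""
    kty = jwk["kty"]
    if kty == "RSA":
        return _b64url_to_int(jwk["n"]).bit_length()
    if kty == "EC":
        return EC_CURVE_BITS[jwk["crv"]]
    if kty == "OKP":
        return OKP_CURVE_BITS[jwk["crv"]]
    raise ValueError(f"unsupported kty {kty!r}")


def assess(jwk: dict) -> dict:
    """Compare one JWK against the FAPI minimum for its key type and against
    the strength of the RSA minimum (2048 -> 112 bits)."""
    bits = key_bits(jwk)
    if jwk["kty"] == "RSA":
        strength = rsa_strength_bits(bits)
        meets_min = bits >= FAPI_MIN_RSA_BITS
    else:
        strength = ec_strength_bits(bits)
        meets_min = bits >= FAPI_MIN_EC_BITS
    rsa_floor = rsa_strength_bits(FAPI_MIN_RSA_BITS)
    return {
        "kty": jwk["kty"],
        "bits": bits,
        "strength": strength,
        "meets_fapi_minimum": meets_min,
        "matches_rsa_minimum": strength >= rsa_floor,
    }


def ec_minimum_gap() -> dict:
    """The point raised in the post: a 160-bit EC key is weaker than RSA-2048,
    and parity needs 2 * 112 = 224-bit EC keys."""
    rsa_floor = rsa_strength_bits(FAPI_MIN_RSA_BITS)
    return {
        "ec160_strength": ec_strength_bits(FAPI_MIN_EC_BITS),
        "rsa2048_strength": rsa_floor,
        "ec_bits_for_parity": min_ec_bits_for(rsa_floor),
    }


# Constructed sample keys (not real keys; only the sizes matter here). The RSA
# modulus is an arbitrary 2048-bit odd integer, not a product of two primes.
_FAKE_N = (1 << 2047) | 0x10001
SAMPLE_RSA_2048 = {
    "kty": "RSA", "e": "AQAB",
    "n": base64.urlsafe_b64encode(_FAKE_N.to_bytes(256, "big")).rstrip(b"=").decode(),
}
SAMPLE_P256 = {"kty": "EC", "crv": "P-256", "x": "", "y": ""}
SAMPLE_ED25519 = {"kty": "OKP", "crv": "Ed25519", "x": ""}

if __name__ == "__main__":
    for k in (SAMPLE_RSA_2048, SAMPLE_P256, SAMPLE_ED25519):
        print(assess(k))
    print(ec_minimum_gap())
```

Run as-is, `ec_minimum_gap()` reports 80 bits for a 160-bit EC key against 112 bits for RSA-2048, and 224 EC bits for parity; every JWA-registered curve usable with ES256/EdDSA already clears that bar, so the 160-bit floor only matters for keys outside the JWT profile.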