Size considerations for public and private keys
RACF® has restrictions for the size of the private key for certificates that have associated private keys.
For NISTECC keys, valid key sizes are 192, 224, 256, 384, and 521 bits. For BPECC keys, valid key sizes are 160, 192, 224, 256, 320, 384, and 512 bits.
For DSA keys, the minimum key size is 512 bits. For RSA keys, the minimum size for clear RSA keys and secure RSA keys on the public key data set (PKDS) is 512 bits. The minimum size for secure RSA keys on the token key data set (TKDS) is 1024 bits, and the size must be a multiple of 256. The maximum key size is determined by United States export regulations and is controlled by RACF and non-RACF code in z/OS. Depending on the installation, non-RACF code might enforce a lower maximum size.
Private key type | Maximum key size |
---|---|
RSA key that is stored in the RACF database | 4096 bits |
RSA key that is stored in the ICSF TKDS as a secure key | 4096 bits |
RSA key that is stored in the ICSF PKDS as a CRT key token | 4096 bits |
DSA key | 2048 bits |
RSA key that is stored in the ICSF PKDS as an ME key token | 1024 bits |
NISTECC key | 521 bits |
BPECC key | 512 bits |
Currently, the standard sizes for RSA keys are as follows:
Key size | Key strength |
---|---|
512 bits | Low-strength key |
1024 bits | Medium-strength key |
2048 bits | High-strength key |
4096 bits | Very high-strength key |
Key strength considerations: Shorter keys of the ECC type, which are generated when you specify NISTECC or BPECC, achieve comparable key strengths when compared with longer RSA keys.
RSA key size | NISTECC key size | BPECC key size |
---|---|---|
1024 bits | 192 bits | 160 or 192 bits |
2048 bits | 224 bits | 224 bits |
3072 bits | 256 bits | 256 or 320 bits |
7680 bits | 384 bits | 384 bits |
15360 bits | 521 bits | 512 bits |
Hashing algorithm used for signing, by signing key type and size:
Hashing algorithm used for signing | Signing key size: RSA | Signing key size: NISTECC | Signing key size: BPECC |
---|---|---|---|
SHA-1 | Less than 2048 bits | — | — |
SHA-256 | 2048 bits or longer | 192, 224, or 256 bits | 160, 192, 224, 256, or 320 bits |
SHA-384 | — | 384 bits | 384 bits |
SHA-512 | — | 521 bits | 512 bits |
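The following is an added example, not IBM code: it encodes the size rules and the signing-hash table from this page as a pre-check an administrator can run before requesting a key, so that a request that RACF would reject is caught first. The storage-location labels (`RACF_DB`, `TKDS_SECURE`, `PKDS_CRT`, `PKDS_ME`) and the `site_max` parameter are this example's own names; `site_max` models the caveat that non-RACF code may enforce a lower maximum than RACF itself.

```python
NISTECC_SIZES = {192, 224, 256, 384, 521}
BPECC_SIZES = {160, 192, 224, 256, 320, 384, 512}

# Maximum private key size in bits by key type and storage location (first table above).
# Location names are labels chosen for this example, not RACF keywords.
MAX_SIZE = {
    ("RSA", "RACF_DB"): 4096,      # RSA key stored in the RACF database
    ("RSA", "TKDS_SECURE"): 4096,  # secure RSA key in the ICSF TKDS
    ("RSA", "PKDS_CRT"): 4096,     # RSA CRT key token in the ICSF PKDS
    ("RSA", "PKDS_ME"): 1024,      # RSA ME key token in the ICSF PKDS
    ("DSA", "RACF_DB"): 2048,
}


def check_key_size(key_type, size, location="RACF_DB", site_max=None):
    """Return None if the requested size is acceptable, else a reason string."""
    if key_type == "NISTECC":
        if size not in NISTECC_SIZES:
            return f"NISTECC size must be one of {sorted(NISTECC_SIZES)}"
    elif key_type == "BPECC":
        if size not in BPECC_SIZES:
            return f"BPECC size must be one of {sorted(BPECC_SIZES)}"
    elif key_type in ("RSA", "DSA"):
        maximum = MAX_SIZE.get((key_type, location))
        if maximum is None:
            return f"{key_type} keys cannot be stored as {location!r}"
        # Secure RSA keys on the TKDS have a 1024-bit floor and 256-bit granularity.
        minimum = 1024 if location == "TKDS_SECURE" else 512
        if size < minimum:
            return f"{key_type} key must be at least {minimum} bits"
        if location == "TKDS_SECURE" and size % 256 != 0:
            return "secure RSA keys on the TKDS must be a multiple of 256 bits"
        if size > maximum:
            return f"{key_type} key in {location} is limited to {maximum} bits"
    else:
        return f"unknown key type {key_type!r}"
    # Installation-specific ceiling enforced by non-RACF code (hypothetical parameter).
    if site_max is not None and size > site_max:
        return f"installation limits keys to {site_max} bits"
    return None


def signing_hash(key_type, size):
    """Hashing algorithm used for signing, per the last table above (DSA is not listed there)."""
    if key_type == "RSA":
        return "SHA-1" if size < 2048 else "SHA-256"
    if key_type == "NISTECC":
        return "SHA-256" if size <= 256 else ("SHA-384" if size == 384 else "SHA-512")
    if key_type == "BPECC":
        return "SHA-256" if size <= 320 else ("SHA-384" if size == 384 else "SHA-512")
    raise ValueError(f"no signing hash listed on this page for {key_type!r}")
```

Call `check_key_size` with the intended size before `signing_hash`, since the hash table only applies to sizes RACF accepts.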