Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Microsoft to Drop Support for 1024-bit Windows RSA Keys

Key Takeaways:

Microsoft is discontinuing Windows RSA keys shorter than 2048 bits to promote stronger encryption methods for server authentication.

Internet standards and regulatory bodies have already disallowed the use of 1024-bit keys since 2013, advocating for 2048 bits or longer for RSA keys.

Microsoft says that organizations relying on legacy software and devices with 1024-bit RSA keys will likely be affected.

Microsoft has announced plans to discontinue Windows RSA keys shorter than 2048 bits. The company explains that this step aims to prompt organizations to abandon weaker encryption methods in favor of stronger ones for server authentication.

Rivest-Shamir-Adleman (RSA) keys are the cryptographic keys used in the RSA encryption algorithm. RSA involves the use of a public and private key to encrypt data for secure communications over an enterprise network. RSA keys are utilized in Windows for a variety of purposes including server authentication, data encryption, and ensuring the integrity of communications and software updates.

Microsoft mentioned that RSA encryption has faced numerous challenges due to recent advancements in quantum computing and other cryptographic techniques. As a result, many organizations are now transitioning towards more secure encryption schemes to minimize the risks associated with RSA vulnerabilities.

“Internet standards and regulatory bodies disallowed the use of 1024-bit keys in 2013, recommending specifically that RSA keys should have a key length of 2048 bits or longer, Microsoft explained. “This deprecation focuses on ensuring that all RSA certificates used for TLS server authentication must have key lengths greater than or equal to 2048 bits to be considered valid by Windows.”

Microsoft urges upgrade to 2048-bit RSA Keys

As of this writing, Microsoft has not provided an ETA as to when the Windows RSA keys deprecation process would begin. However, this change will likely affect organizations that use legacy software and network-attached devices that use 1024-bit RSA keys.

Microsoft notes that the move will not impact TLS certificates issued by enterprise or test certification authorities (CA). The company recommends customers to update RSA keys to longer or equal to 2048 bits.

by Rabia Noureen
Mar 25, 2024

Rabia comes from a solid IT background and has been writing professionally about Microsoft products and other technology for four years. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on the latest trends in...

Streamlining SaaS Governance: How Nudge Security Simplifies Compliance and Security Management for Cloud Apps

Oct 30, 2023
Nov 03, 2023
The Dirty Truth About IT Offboarding Automation

Jul 21, 2023
Aug 25, 2023
Five Tactics Towards Achieving Zero Trust with Azure Active Directory

Aug 29, 2023
Feb 01, 2024

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.