I've seen many places refer to "256 bits certificates" in SSL encryption. Assuming they are talking about the key size, when I look at these certificates in the browser I see 256 bytes instead. I know 1 byte = 8 bits, so am I reading this wrong or should it instead be "256-bytes certificates"?
- This looks like a 2048-bit key to me = 256 bytes, or am I overlooking something? – VGC3OCJA50 Aug 03 '19 at 10:06
- Where did you see "256 bits certificates"? Google doesn't find many hits. – Gilles 'SO- stop being evil' Aug 03 '19 at 13:45
- Wherever you saw it, it could have been intended as a reference to the sha256 signature algorithm, especially if it was written a few years ago when a lot of people were busy replacing their old certificates that had used sha1. – Aug 03 '19 at 18:18
1 Answer
> I've seen many places refer to "256 bits certificates" in SSL encryption.
You are most likely thinking about 256-bit symmetric cipher key sizes. The only 256-bit certificates are ECDSA, and the image you show has an RSA certificate. There are no 256-bit RSA certificates, but there are plenty of 256-bit symmetric keys (e.g. keys for AES, a common cipher in TLS).
> when I look at these certificates in browser I see 256 bytes instead.
With the eight-bit byte, 256 bytes is equal to 2048 bits, which is a common RSA modulus size, and thus a common RSA key and signature size. Public key cryptosystems like RSA require a larger key because they are attacked not using brute force (in which case 256 bits is more than secure enough), but through various other mathematical methods. In the case of RSA, the best known method to break it is integer factorization. Securing against factorization requires a modulus size of at least 2048 bits, or 256 bytes.
> am I reading this wrong or should it instead be "256-bytes certificates"?
What you are looking at is the RSA public key, not the certificate.
For more detailed information, see How does SSL/TLS work?.
- I am certain this answer is correct for OP's question but I wanted to point out that there are ECDSA NIST P-256 WebPKI X.509 certificates and they are 256-bit. They are reasonably popular - the 10% of the web that uses Cloudflare uses them. – Z.T. Jan 06 '22 at 13:32
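
The byte/bit arithmetic from the answer above, as an added example that is not part of the original post: a minimal DER reader that measures the modulus inside an RSAPublicKey structure. The helper names are this example's own, and the sample key is a constructed 2048-bit integer, not a real RSA modulus.

```python
def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        count = length & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length


def rsa_modulus_size(rsa_public_key_der):
    """Return (bits, bytes, der_content_bytes) for the modulus of an
    RSAPublicKey ::= SEQUENCE { modulus INTEGER, publicExponent INTEGER }."""
    tag, body, _ = read_tlv(rsa_public_key_der)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag, raw, _ = read_tlv(body)
    if tag != 0x02:
        raise ValueError("expected INTEGER")
    bits = int.from_bytes(raw, "big").bit_length()
    return bits, (bits + 7) // 8, len(raw)


def der(tag, value):
    """Encode one DER element; used here only to build the sample key."""
    n = len(value)
    head = bytes([n]) if n < 0x80 else (
        bytes([0x80 | (n.bit_length() + 7) // 8])
        + n.to_bytes((n.bit_length() + 7) // 8, "big"))
    return bytes([tag]) + head + value


def der_uint(n):
    # DER INTEGERs are signed, so a 0x00 byte is prepended when the top bit is set.
    return der(0x02, n.to_bytes(n.bit_length() // 8 + 1, "big"))


# Constructed sample: a 2048-bit odd integer, NOT a real RSA modulus.
SAMPLE_KEY = der(0x30, der_uint((1 << 2047) | 1) + der_uint(65537))

if __name__ == "__main__":
    bits, size, encoded = rsa_modulus_size(SAMPLE_KEY)
    print(f"modulus: {bits} bits = {size} bytes; DER INTEGER content: {encoded} bytes")
```

The third value is 257 because of the DER sign byte, which is why some tools display one byte more than the 256-byte modulus.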