Most of cryptographic systems require a sufficient key size to be robust against brute-force attacks.

NIST recommendations will be checked for these
use-cases:

**Digital Signature Generation** and **Verification:**

- p ≥ 2048 AND q ≥ 224 for DSA (
`p`

is key length and `q`

the modulus length)
- n ≥ 2048 for RSA (
`n`

is the key length)

**Key Agreement**:

- p ≥ 2048 AND q ≥ 224 for DH and MQV
- n ≥ 224 for ECDH and ECMQV (Examples:
`secp192r1`

is a non-compliant curve (`n`

< 224) but `secp224k1`

is
compliant (`n`

>= 224))

**Symmetric keys**:

This rule will not raise issues for ciphers that are considered weak (no matter the key size) like `DES`

, `Blowfish`

.

## Noncompliant Code Example

KeyPairGenerator keyPairGen1 = KeyPairGenerator.getInstance("RSA");
keyPairGen1.initialize(1024); // Noncompliant
KeyPairGenerator keyPairGen5 = KeyPairGenerator.getInstance("EC");
ECGenParameterSpec ecSpec1 = new ECGenParameterSpec("secp112r1"); // Noncompliant
keyPairGen5.initialize(ecSpec1);
KeyGenerator keyGen1 = KeyGenerator.getInstance("AES");
keyGen1.init(64); // Noncompliant

## Compliant Solution

KeyPairGenerator keyPairGen6 = KeyPairGenerator.getInstance("RSA");
keyPairGen6.initialize(2048); // Compliant
KeyPairGenerator keyPairGen5 = KeyPairGenerator.getInstance("EC");
ECGenParameterSpec ecSpec10 = new ECGenParameterSpec("secp256r1"); // compliant
keyPairGen5.initialize(ecSpec10);
KeyGenerator keyGen2 = KeyGenerator.getInstance("AES");
keyGen2.init(128); // Compliant

## See