Journal of Cryptology

, Volume 14, Issue 4, pp 255–293 | Cite as

Selecting Cryptographic Key Sizes

  • Arjen K. Lenstra
  • Eric R. Verheul


In this article we offer guidelines for the determination of key sizes for symmetric cryptosystems, RSA, and discrete logarithm-based cryptosystems both over finite fields and over groups of elliptic curves over prime fields. Our recommendations are based on a set of explicitly formulated parameter settings, combined with existing data points about the cryptosystems.

Key words. Symmetric key length, Public key length, RSA, ElGamal, Elliptic curve cryptography, Moore's law. 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© International Association for Cryptologic Research 2001

Authors and Affiliations

  • Arjen K. Lenstra
    • 1
  • Eric R. Verheul
    • 2
  1. 1.Citibank, N.A., 1 North Gate Road, Mendham, NJ 07945-3104, U.S.A. and Technische Universiteit EindhovenUS
  2. 2.PricewaterhouseCoopers, GRMS Crypto Group, Goudsbloemstraat 14, 5644 KE Eindhoven, The Netherlands eric.verheul@[,]NL

Personalised recommendations