As is usually the case, when we look a little deeper things are not that simple. In this case we have to care about a few other things, for example: what are the qualifications of the third party, what are their practices, and what cryptographic algorithms did they use to produce the digital certificate? This is especially true when it comes to decisions about which cryptographic algorithms and key lengths are accepted and used by that third party.
Thankfully you do not need to be a cryptographer to make good decisions on this topic; we need to start with an understanding of the history, then the future, and then the considerations.

History

In recent history the industry has relied on two algorithms: the first is an encryption algorithm called RSA, the second a hash algorithm called SHA-1. Both are now considered weaker due to advances in cryptanalysis. RSA's strength and performance are based on the size of the key used with it: the larger the key, the stronger and slower it is. These advances in cryptanalysis have driven the increase in the key sizes used with this algorithm, which in turn has increased the amount of computing power necessary to maintain the same effective strength. The problem with this is that every time we double the size of an RSA key, the decryption operations with that key become 6-7 times slower.
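The slowdown described above, as an added example that is not code from the original article: a Python script that times a full-size modular exponentiation, the core of an RSA private-key operation, at 1024, 2048 and 4096 bits. The moduli and exponents are randomly constructed odd numbers of the right length rather than real RSA keys, since only the operand sizes drive the cost; the 6-7x figure in the text assumes optimised implementations, so the factor measured here with Python's built-in pow() will differ somewhat.

```python
"""Added example (not from the original article): measure how the cost of an
RSA private-key operation grows as the key size doubles.

An RSA private-key operation (signing or decrypting) without the CRT
optimisation is one modular exponentiation m^d mod n, where the private
exponent d and the modulus n are both as long as the key.  The values used
here are constructed random odd numbers, not real RSA keys: the arithmetic
cost depends only on the operand sizes, so no key material is needed.
"""
import random
import time


def private_op_seconds(bits: int, reps: int = 3, seed: int = 1) -> float:
    """Best-of-`reps` wall time for one full-size modular exponentiation."""
    rng = random.Random(seed)
    n = rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # odd, exactly `bits` long
    d = rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # full-length private exponent
    m = rng.getrandbits(bits - 1)                      # message representative < n
    best = float("inf")
    for _ in range(reps):
        start = time.perf_counter()
        pow(m, d, n)
        best = min(best, time.perf_counter() - start)
    return best


def slowdown_per_doubling(sizes=(1024, 2048, 4096)) -> dict:
    """Map each key size to how many times slower it is than the previous size."""
    timings = {bits: private_op_seconds(bits) for bits in sizes}
    return {
        sizes[i]: timings[sizes[i]] / timings[sizes[i - 1]]
        for i in range(1, len(sizes))
    }


if __name__ == "__main__":
    for bits, factor in slowdown_per_doubling().items():
        print(f"{bits}-bit key: {factor:.1f}x slower than {bits // 2}-bit")
```

Real implementations use the CRT and optimised multiplication, which changes the absolute numbers but not the way cost grows with each doubling.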
RSA certificates have keys of 2048 bits in length or longer. That takes us to SHA-1. Hash algorithms take a variable amount of input and reduce it to a typically shorter, fixed-length output, the goal being to provide a unique identifier for that input. The important thing to understand is that hash algorithms are always susceptible to collisions, and advances in cryptanalysis have made it more likely that such a collision can be produced. The problem here is that there is no parameter to tweak that makes this harder for an attacker; the only way to address the issue is to change to a stronger algorithm to produce the hash.

Future

For the last decade or so there has been slow and steady movement towards two new algorithms to address these advances: SHA-2 and ECC. ECC has the potential for significant performance benefits over RSA without reducing security, and SHA-2 has three versions, each with a progressively longer output length, which helps it both address the current risks and gives it some longevity.
Interoperability is the key that ensures the fewest hassles; if it were not for this we would simply switch to these new algorithms and be done with it. As is normally the case when it comes to security, this is where Windows XP rears its ugly head: SHA-2 was added to XP in Windows XP Service Pack 2 and ECC in Windows Vista. ECC and SHA-2 in full for about 5 years. This leaves us with RSA 2048 and SHA-1, which thankfully is broadly considered sufficient for the next decade.