Confirm, administrator
5,526
edits
Changes
m
→NIST Recommendations
** IFC (e.g., RSA) Minimum: k=3072
** ECC (e.g. ECDSA) Minimum: f=256
The NIST document also has this footnote about the SHA-1 Hash Function:
* SHA-1 has recently been demonstrated to provide less than 80 bits of security for digital signatures; at the publication of this Recommendation, the security strength against collisions is assessed at 69 bits. The use of SHA-1 is not recommended for the generation of digital signatures in new systems; new systems should use one of the larger hash functions. (SHA-224, SHA-256, SHA-384 and SHA-512)
