RSA-2048 keys are no longer VS-NfD compliant starting 2024

The Federal Office for Information Security (BSI) recommended the use of at least 3000-bit RSA keys as early as 2023. The use of RSA keys with a key length of 2048 bits was permitted only for a transition period until the end of 2023.

See also: "BSI TR-02102 Cryptographic Mechanisms: Recommendations and Key Lengths".

In accordance with the security operating procedures of the BSI for GnuPG VS-Desktop® the conformity of RSA-2048 keys for VS-NfD use ceased on 01.01.2024.

The use of RSA-3072 is still permitted without restriction.

GnuPG VS-Desktop® has always created RSA-3072 keys by default, so you are usually not affected.

Please note that there are smart cards that only support RSA-2048. These can therefore no longer be used for the encryption of VS-NfD data.