RSA-2048 keys are no longer VS-NfD compliant starting 2024

Posted 03. January 2024 by Alexander Kulbartsch

The Federal Office for Information Security (BSI) recommended the use of at least 3000-bit RSA keys as early as 2023. The use of RSA keys with a key length of 2048 bits was permitted only for a transition period until the end of 2023.

See also: "BSI TR-02102 Cryptographic Mechanisms: Recommendations and Key Lengths".

In accordance with the security operating procedures of the BSI for GnuPG VS-Desktop® the conformity of RSA-2048 keys for VS-NfD use ceased on 01.01.2024.

The use of RSA-3072 is still permitted without restriction.

GnuPG VS-Desktop® has always created RSA-3072 keys by default, so you are usually not affected.

Please note that there are smart cards that only support RSA-2048. These can therefore no longer be used for the encryption of VS-NfD data.

Unless otherwise noted, these web pages are: Copyright 2024 g10 Code GmbH. Verbatim copying and distribution is permitted in any medium, provided this notice is preserved. See the Legal Notice & Privacy Policy for details. This page was last changed on 2024-05-08.