In spite of that the first paper about the RSA algorithm has been published in 1977, thus it is almost fifty years old, a large percentage of key pairs related to certificates still relies on the algorithm. In our previous post, some aspects of RSA were mentioned namely that how safe is the algortihm, and that what do the corresponding sunset dates mean, however there was no mention of practical considerations for end users.

Cryptographic keys used in public key infrastructures may greatly differ from each other regarding their management and security needs; this usually depends on for how long we want to use them. This validity period may be a few minutes (e.g., for so-called short-term certificates) but it may even be fifty years (in case of long-term preservation/archiving). In the first example, out key is almost for one use, because its validity is so short that it cannot even be abused. However, if we wanted to preserve a file for a long time, it is important that it would be protected by a cryptographic algorithm that is secure for the whole preservation period (cannot be broken). Thus, in these cases, it is necessary to re-timestamp them, which means regularly applying a time stamp with a newer time stamp that uses an up-to-date algorithm, which protects the entire file.

About what qualifies as an up-to-date algorithm, specification ETSI TS 119 312 (AlgoPaper) makes provisions in Europe. According to the current version of the AlgoPaper, the most widely used RSA signature suite, sha256RSA with a 2048-bit key size is only supported until the end of 2025 (and according to our background information, it is not likely that this deadline will be postponed). AlgoPaper however does not specify a sunset date regarding ECC (Elliptic Curve Cryptography)-based solutions, and because more and more implementations and users have ECC keys, it is likely that it will replace RSA in the world of e-signatures.

The sunset date of sha256RSA means that these RSA-2048-protected files shall be re-timestamped with a stronger (typically ECC) time stamp on 31st December 2025 at the latest. It is also worth to apply more up-to-date (typically ECC) time stamps on our signatures even before the deadline, and it is worth switching to more up-to-date (typically ECC) signature algorithms.

If someone misses the change-over, they have to prepare having a lot of trouble with their preserved files, especially if they have to provide the validity of their electronically signed documents.

Luckily, as an end user, the problems with algorithms can easily be avoided. All we have to do is:

• To use a time stamp based on secure algorithm which has no specified sunset date, such as ECC. If we currently do not use such a time stamp, it is worth asking our provider if they can provide ECC-based solutions. If they cannot, then it is worth switching providers.
• To use a signature creation and validation application that is capable of handling the ECC algorithm. If we are unsure if our program can do so, use the newest version of the free e-Szignó client application.
• If we often get electronically signed documents or other timestamped files, we should prepare that we will see more and more ECC-based solutions, because in the future, providers are required to apply them.
• If we currently use RSA-2048 time stamps, then according to our preservation goal, we should re-timestamp our RSA-protected files with time stamps based on the ECC algorithm to provide long-term preservation where applicable.

If we take care of the above, we will likely have no problems regarding algorithms.

It is important to note that users of Microsec’s long-term (11-year) ECC time stamps only need to re-timestamp in 2033, while with RSA-2048 solutions, the task can only be procrastinated at the latest until 2025.

RSA’s not dead ... yet

RSA sunset date