RFR: 8267319: Use larger default key sizes and algorithms based on CNSA [v8]

Xue-Lei Andrew Fan xuelei at openjdk.java.net
Thu Mar 24 06:45:42 UTC 2022


On Wed, 23 Mar 2022 22:48:41 GMT, Valerie Peng <valeriep at openjdk.org> wrote:

>> It's been several years since we increased the default key sizes. Before shifting to PQC, NSA replaced its Suite B cryptography recommendations with the Commercial National Security Algorithm Suite which suggests:
>> 
>> - SHA-384 for secure hashing
>> - AES-256 for symmetric encryption
>> - RSA with 3072 bit keys for digital signatures and for key exchange
>> - Diffie Hellman (DH) with 3072 bit keys for key exchange
>> - Elliptic curve [P-384] for key exchange (ECDH) and for digital signatures (ECDSA)
>> 
>> So, this proposed changes made the suggested key size and algorithm changes. The changes are mostly in keytool, jarsigner and their regression tests, so @wangweij Could you please take a look?
>> 
>> Thanks!
>
> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
> 
>   Added comment regarding possible deadlocks.

Looks good to me.  Thanks!

src/java.base/share/classes/sun/security/util/SecurityProviderConstants.java line 137:

> 135:     public static final int DEF_ED_KEY_SIZE;
> 136:     public static final int DEF_XEC_KEY_SIZE;
> 137:     // the logic for finding the max allowable value in getDefAESKeySize()

Capital the 1st letter?

-------------

Marked as reviewed by xuelei (Reviewer).

PR: https://git.openjdk.java.net/jdk/pull/7652


More information about the core-libs-dev mailing list