UPDATE: QID 38171 “SSL Certificate – Server Public Key less than 2048 bit”  

Document created by eschamp on Jul 24, 2012Last modified by Robert Dell'Immagine on Aug 3, 2012
Version 11Show Document
  • View in full screen mode

Rationale Why 1024-Bit Certificates Do Not Cause a PCI Failure

The PCI DSS states that encryption should follow industry standards such as the National Institute of Standards and Technology (NIST). NIST states in several special publications that 1024 bit certificates can be used in 2010, but in 2011 certificates need to migrate to 2048 bits (SP800-57 & SP800-131A). However, although NIST Special Publication 800-131A states that the cryptographic lifecycle for 1024 ends in 2010, NIST later added an updated appendix (page 17) that extended the timeline for 1024 bit certificates from 2010 to 2013.


Because cracking has not advanced as quickly as initially anticipated, NIST has delayed their original timeline, and now has stated that 1024 bit keys can be used through the end of 2013. They do specify that these keys would be considered Deprecated, which "means that the use of the algorithm and key length is allowed, but the user must accept some risk", based primarily on the fact that as we approach the end of the cryptocycle, now the end of 2013, there is an increased risk that they keys could be cracked. If they do become cracked at any point, then people would immediately be required to switch to 2048. Merchants should already be transitioning to 2048 bit certificates since the revised deadline is less than 2 years away, and since certificates typically have a 2 year lifespan.


This means that although there is increasing risk in using 1024 bit certificates as the 2013 end date approaches, it is still currently acceptable to use 1024 bit certificates per this extended timeline. Qualys is therefore modifying its detection to report the presence of 1024 bit certificates; however, this will not cause a failure for PCI Compliance.


Note: Although your current certificate chain may be using key lengths of 2048 bit, your server may also be presenting an old certificate chain using 1024 bit key lengths.