RSA Key Pair Size


When generating your S/MIME certificate, you'll be asked to specify the key size for your new certificate. As a rule of thumb, larger keys are more secure but slower. Smaller keys do decryption, encryption, verification and signatures much quicker than larger keys. For most applications, 1024 bit keys are quite sufficient. Keys larger than 2048 bits may not be interpreted by some S/MIME implementations. Also, it will take a  considerable amount of time to generate very large keys (3072 bits and more). Keys smaller than 768 bits are recommended for testing purposes only and are not considered to be secure by today's standards.