SSL RSA Strength
Asymmetric ciphers like RSA are evaluated by National Institute of Standards and Technology by converting them to equivalent symmetric cipher values.
This module implements the technique used by NIST (a General Number Field Sieve), allowing you to compare the relative strength of different RSA modulus sizes (RSA 1024, 2048, 4096, etc) as if they were symmetric ciphers.
In short: if you're interested in comparing the relative strengths of RSA key sizes, this module is for you.
Please also note that strength is only a small portion of choosing a key size: there are considerable drawbacks in using a 4096 bit key, including slower handshakes affecting the time taken for browsers to connect, as well as increased CPU usage on both the server and the browser.
This module now also includes ECC cipher strength.
See 'Interpreting the results' below for further information.
npm install ssl-rsa-strength
var getStrength = require('ssl-rsa-strength'); getStrength.rsa(modulus); getStrength.ecc(pSize);
Modulus is, for RSA, what is commonly referred to as key size, eg, 2048, 4096 etc.
pSize is, for ECC, what is commonly referred to as key size, eg, 256, 512 etc.
OpenSSL default key size (non-EV)
LibreSSL default key size (non-EV)
Minimum for a EV SSL certificate per cabforum guidelines
Interpreting the results
Results should be read as if comparing a symmetric cipher, eg, a strength of 116 bits means you theoretically have 2^116 possibilities to bruteforce.
Why theoretically? The GNFS is a heuristic: it's a tool to help you measure the relative strengths of different RSA key sizes but it is not exact. See The number field sieve by Arjen K. Lenstra page 5,section 3 for further discussion.
Implementation details, future vulnerabilities in RSA, and other factors can affect the strength of an RSA key. The attack that breaks RSA 2048 could also break RSA 4096.
In addition: the original NIST cypher rounded down to commonly used symmetric key sizes to allow comparison with existing common symmetric cipher values - so you could say 'RSA 1024 is equivalent to AES 80', whereas this module gives the raw results.
The values are checked against the Mathematica implementation from Crypto StackExchange mentioned below.
In particular, these two threads on Crypto StackExchange have excellent discussion used in researching the development of this module: