Key size encrypt for exchange 2013

Dear All,
I need to store encrypted information for outlook 2010 user with exchange 2013
what is the best practice for exchange 2013 about Key size
2048 bit RSA  or 4096 bit RSA ?

Thanks in advance
Who is Participating?
arnoldConnect With a Mentor Commented:
Best is a balance between what you need and what is out there.
The received is based on the certificate you obtain, the sent is based on the certificate the other party obtained.

If you get a new certifcate every year with new keys, a mid range 2048 would be optimal as it will provide the protection without the significant performance hit. As years go buy and newer and more powerful systems become prevalent, you would raise the bit rate/change the encryption process ......
The larger the bit the longer it would take to decode. And consequently the longer it will take to encrypt/decrypt.

The question is whether you are looking to encrypt data being sent or received.
Presumably you have either a CA that is issuing user certificates or each user buys a personal certificate that is then used to encrypt/decrypt messages.
MbouchamaAuthor Commented:
Thanks for your response
we will use the encrypt data for sent and recieve and we use External CA like Thawte
I think probably we will have a issue with performance if we use 4096 bit RSA  ?
what is the best way ?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.