---
title: RSA keys should be at least 2,048 bits
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > Code Security > Static Code Analysis (SAST) > SAST
  Rules > RSA keys should be at least 2,048 bits
---

# RSA keys should be at least 2,048 bits

## Metadata{% #metadata %}

**ID:** `rust-security/rsa-key-too-short`

**Language:** Rust

**Severity:** Warning

**Category:** Security

**CWE**: [326](https://cwe.mitre.org/data/definitions/326.html)

**Related CWEs**:

- [328](https://cwe.mitre.org/data/definitions/328.html)

## Description{% #description %}

RSA keys shorter than 2,048 bits fall below the 112-bit security strength that NIST treats as the current floor: 1,024-bit RSA has been disallowed for signature generation and for protecting new data since 2013 (NIST SP 800-131A), and factoring a modulus of that size is considered within reach of a well-resourced adversary, which would expose encrypted data to recovery and allow signatures to be forged. NIST SP 800-57 Part 1 rates 2,048-bit RSA at 112 bits of security (acceptable through 2030) and 3,072-bit RSA at 128 bits; choose 3,072 bits or more for keys or data that must stay secure beyond that horizon. The `min-length` argument can be raised above the 2,048-bit default to enforce a stricter threshold. Values below 2,048 are clamped to the NIST minimum.

#### Learn More{% #learn-more %}

- [CWE-326: Inadequate Encryption Strength](https://cwe.mitre.org/data/definitions/326.html)

## Arguments{% #arguments %}

- `min-length`: Minimum length of the RSA key. Default: 2048.
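
As an added example (not the rule's implementation or any Datadog code), the following Rust applies the same policy at runtime: `effective_min_bits` mirrors the `min-length` clamping described above, and `rsa_public_key_bits` reads the modulus size out of a PKCS#1 `RSAPublicKey` DER encoding with no external crate, so a service can reject a too-short key presented by a peer, a JWKS endpoint or a configuration file, where a static rule on key-generation calls cannot reach. The DER inputs are constructed synthetic blobs built from a fixed byte pattern, not real keys; all function, constant and error names are this example's own.

```rust
// Added example: runtime RSA key-size policy plus a dependency-free
// modulus-size check for PKCS#1 RSAPublicKey DER. Not Datadog code.

/// NIST minimum for RSA; the rule clamps `min-length` up to this value.
pub const NIST_MIN_RSA_BITS: usize = 2048;

#[derive(Debug, PartialEq, Eq)]
pub enum KeyPolicyError {
    TooShort { bits: usize, min_bits: usize },
    Malformed(&'static str),
}

/// A configured threshold below 2,048 is clamped up to the NIST minimum;
/// larger values are honoured as a stricter threshold.
pub fn effective_min_bits(configured: usize) -> usize {
    configured.max(NIST_MIN_RSA_BITS)
}

/// Accept a key size only if it meets the (clamped) threshold.
pub fn check_rsa_bits(bits: usize, configured_min: usize) -> Result<usize, KeyPolicyError> {
    let min_bits = effective_min_bits(configured_min);
    if bits < min_bits {
        Err(KeyPolicyError::TooShort { bits, min_bits })
    } else {
        Ok(bits)
    }
}

/// Read one DER tag/length header at `pos`: (tag, content_start, content_len).
fn read_tlv(der: &[u8], pos: usize) -> Result<(u8, usize, usize), KeyPolicyError> {
    use KeyPolicyError::Malformed;
    let tag = *der.get(pos).ok_or(Malformed("truncated tag"))?;
    let first = *der.get(pos + 1).ok_or(Malformed("truncated length"))?;
    let (len, header) = if first < 0x80 {
        (first as usize, 2) // short form: one length byte
    } else {
        let n = (first & 0x7f) as usize; // long form: n following length bytes
        if n == 0 || n > 4 {
            return Err(Malformed("unsupported length form"));
        }
        let bytes = der.get(pos + 2..pos + 2 + n).ok_or(Malformed("truncated length"))?;
        (bytes.iter().fold(0usize, |acc, &b| (acc << 8) | b as usize), 2 + n)
    };
    let start = pos + header;
    if start + len > der.len() {
        return Err(Malformed("length exceeds buffer"));
    }
    Ok((tag, start, len))
}

/// Bit length of a DER INTEGER's magnitude (one leading 0x00 pad byte allowed).
fn integer_bits(content: &[u8]) -> Result<usize, KeyPolicyError> {
    let mag = match content {
        [] => return Err(KeyPolicyError::Malformed("empty INTEGER")),
        [0x00, rest @ ..] => rest, // pad byte keeps a high-bit modulus positive
        [b, ..] if *b & 0x80 != 0 => return Err(KeyPolicyError::Malformed("negative modulus")),
        _ => content,
    };
    Ok(match mag.iter().position(|&b| b != 0) {
        Some(i) => (mag.len() - i - 1) * 8 + (8 - mag[i].leading_zeros() as usize),
        None => 0,
    })
}

/// Modulus size of `RSAPublicKey ::= SEQUENCE { n INTEGER, e INTEGER }` (PKCS#1).
pub fn rsa_public_key_bits(der: &[u8]) -> Result<usize, KeyPolicyError> {
    let (tag, seq_start, seq_len) = read_tlv(der, 0)?;
    if tag != 0x30 {
        return Err(KeyPolicyError::Malformed("expected SEQUENCE"));
    }
    let (tag, n_start, n_len) = read_tlv(der, seq_start)?;
    if tag != 0x02 || n_start + n_len > seq_start + seq_len {
        return Err(KeyPolicyError::Malformed("expected INTEGER modulus inside SEQUENCE"));
    }
    integer_bits(&der[n_start..n_start + n_len])
}

/// Parse the key, then apply the size policy.
pub fn check_der_key(der: &[u8], configured_min: usize) -> Result<usize, KeyPolicyError> {
    check_rsa_bits(rsa_public_key_bits(der)?, configured_min)
}

/// Minimal DER encoder used only to build the constructed test inputs.
fn der_tlv(tag: u8, content: &[u8]) -> Vec<u8> {
    let len = content.len();
    assert!(len <= 0xffff, "example encoder handles lengths up to 65535");
    let mut out = vec![tag];
    match len {
        0..=0x7f => out.push(len as u8),
        0x80..=0xff => out.extend([0x81, len as u8]),
        _ => out.extend([0x82, (len >> 8) as u8, len as u8]),
    }
    out.extend_from_slice(content);
    out
}

/// Constructed input: an RSAPublicKey DER whose modulus is exactly `bits` long
/// (multiple of 8). The modulus is a fixed byte pattern, not a real RSA modulus.
pub fn synthetic_rsa_public_key_der(bits: usize) -> Vec<u8> {
    assert!(bits > 0 && bits % 8 == 0);
    let mut modulus = vec![0xA5u8; bits / 8];
    modulus[0] = 0xC3; // top bit set, so the bit length is exactly `bits`
    let mut n = vec![0x00]; // sign pad byte required by DER for a high-bit value
    n.extend_from_slice(&modulus);
    let mut body = der_tlv(0x02, &n);
    body.extend(der_tlv(0x02, &[0x01, 0x00, 0x01])); // e = 65537
    der_tlv(0x30, &body)
}

fn main() {
    for bits in [1024, 2048, 4096] {
        match check_der_key(&synthetic_rsa_public_key_der(bits), 2048) {
            Ok(b) => println!("{bits}-bit key accepted ({b} bits)"),
            Err(e) => println!("{bits}-bit key rejected: {e:?}"),
        }
    }
}
```

The parser deliberately handles only what the check needs: it validates the outer SEQUENCE and the first INTEGER, bounds-checks every length against the buffer, and refuses a negative or empty modulus rather than guessing. For a SubjectPublicKeyInfo (the form found in certificates and most PEM files), unwrap the BIT STRING first and pass its contents to `rsa_public_key_bits`.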

## Non-Compliant Code Examples{% #non-compliant-code-examples %}

```rust
use rsa::RsaPrivateKey;
use openssl::rsa::Rsa;
use rand::rngs::OsRng;

fn bad() -> Result<(), Box<dyn std::error::Error>> {
    let mut rng = OsRng;

    // `rsa` crate — classic too-short key
    let _ = RsaPrivateKey::new(&mut rng, 1024)?;

    // Fully qualified path
    let _ = rsa::RsaPrivateKey::new(&mut rng, 1024)?;

    // Digit separator below threshold
    let _ = RsaPrivateKey::new(&mut rng, 1_024)?;

    // Type-suffixed literal below threshold
    let _ = RsaPrivateKey::new(&mut rng, 1024usize)?;

    // new_with_exp also flagged
    let exp = rsa::BoxedUint::from(65537u64);
    let _ = rsa::RsaPrivateKey::new_with_exp(&mut rng, 1024, exp)?;

    // `openssl` crate
    let _ = Rsa::generate(1024)?;

    Ok(())
}
```

## Compliant Code Examples{% #compliant-code-examples %}

```rust
use rsa::RsaPrivateKey;
use openssl::rsa::Rsa;
use rand::rngs::OsRng;

fn ok() -> Result<(), Box<dyn std::error::Error>> {
    let mut rng = OsRng;

    // `rsa` crate at the minimum
    let _ = RsaPrivateKey::new(&mut rng, 2048)?;

    // Digit separator and type suffix — both >= 2048
    let _ = RsaPrivateKey::new(&mut rng, 2_048)?;
    let _ = RsaPrivateKey::new(&mut rng, 4096usize)?;

    // Fully qualified path
    let _ = rsa::RsaPrivateKey::new(&mut rng, 2048)?;

    // new_with_exp with sufficient bits
    let exp = rsa::BoxedUint::from(65537u64);
    let _ = rsa::RsaPrivateKey::new_with_exp(&mut rng, 2048, exp)?;

    // `openssl` crate at or above the minimum
    let _ = Rsa::generate(2048)?;
    let _ = openssl::rsa::Rsa::generate(4096)?;

    Ok(())
}
```