RSA-2048

⚠️ Transitional Algorithm Warning

RSA-2048 is provided only for backward compatibility and hybrid cryptography during migration to post-quantum algorithms. This algorithm will be deprecated by 2030.

Do not use RSA-2048 for new systems. Use ML-KEM or other PQC algorithms instead.

Overview

RSA-2048 is a classical public-key cryptosystem based on the difficulty of factoring large integers. While secure against classical computers, it is vulnerable to quantum attacks using Shor’s algorithm.

Security Level

Classical Security: ~112 bits
Quantum Security: 0 bits (completely broken)
NIST Category: Not quantum-resistant

Algorithm Details

Parameters

Key Size: 2048 bits (256 bytes)
Public Exponent: 65537 (F₄)
Padding: OAEP for encryption, PSS for signatures
Hash Function: SHA-256

Key Sizes

Public Key: 256 bytes
Private Key: 256 bytes (P and Q factors)
Ciphertext: 256 bytes
Signature: 256 bytes

Use Cases

Acceptable Uses (Until 2030)

Legacy system compatibility
Hybrid cryptography with PQC
Transition period operations
Backward compatibility requirements

Unacceptable Uses

New system deployments
Long-term data protection
Post-2030 operations
Primary security mechanism

Implementation Status

Platform	Status	Version	Notes
Go	✅ Complete	3.1.0	Pure implementation
Rust	✅ Complete	3.1.0	Memory-safe
Python	✅ Complete	3.1.0	Pure Python
C	✅ Complete	3.1.0	Header and implementation
TypeScript	✅ Complete	3.1.0	BigInt-based
Swift	✅ Complete	3.1.0	Custom BigInt
Java	✅ Complete	3.1.0	Android-compatible
C#	✅ Complete	3.1.0	.NET Standard 2.0
Kotlin	✅ Complete	3.1.0	JVM/Android
WASM	✅ Complete	3.1.0	From Rust (1.5KB)

Performance Benchmarks

Operation	Time	Throughput	Notes
Key Generation	~500ms	2 keys/sec	CPU-intensive
Encryption	~0.2ms	5000 ops/sec	Fast
Decryption	~8ms	125 ops/sec	Uses CRT
Signing	~8ms	125 ops/sec	Same as decryption
Verification	~0.2ms	5000 ops/sec	Fast

Migration Path

Recommended Replacements

Current Use	Replace With	Migration Complexity
Key Exchange	ML-KEM-768	Medium
Digital Signatures	ML-DSA-65	Medium
Encryption	ML-KEM + AES-256-GCM	High
Authentication	Falcon-512	Low

Hybrid Mode Example

// Use both RSA and PQC during transition
func HybridEncrypt(data []byte) ([]byte, error) {
    // RSA for compatibility
    rsaCt, _ := rsaKey.Encrypt(data)
    
    // ML-KEM for quantum resistance
    mlkemCt, _ := mlkemKey.Encapsulate(data)
    
    // Return both ciphertexts
    return append(rsaCt, mlkemCt...), nil
}

Security Considerations

Vulnerabilities

Quantum Attack: Completely broken by Shor’s algorithm
Classical Attacks: Factorization advances ongoing
Side Channels: Timing attacks on naive implementations
Padding Attacks: Must use OAEP/PSS correctly

Mitigations

Use only as transitional solution
Implement in hybrid mode with PQC
Apply constant-time operations
Plan complete migration by 2030

Standards Compliance

PKCS#1 v2.2: RSA Cryptography Specifications
NIST SP 800-56B Rev. 2: Key Establishment Using RSA
FIPS 186-5: Digital Signature Standard (being phased out)

API Reference

Go

import "github.com/metamui/crypto-go/rsa2048"

key, err := rsa2048.GenerateKey()
ciphertext, err := key.PublicKey.Encrypt(message)
plaintext, err := key.Decrypt(ciphertext)

Rust

use metamui_rsa2048::{PrivateKey, PublicKey};

let key = PrivateKey::generate()?;
let ciphertext = key.public_key().encrypt(&message)?;
let plaintext = key.decrypt(&ciphertext)?;

Python

from metamui_crypto.rsa2048 import generate_key

key = generate_key()
ciphertext = key.public_key.encrypt(message)
plaintext = key.decrypt(ciphertext)

TypeScript

import { generateKey } from '@metamui/rsa2048';

const key = await generateKey();
const ciphertext = key.publicKey.encrypt(message);
const plaintext = key.decrypt(ciphertext);

Deprecation Timeline

2025 Q1: RSA-2048 added for transition
2025-2027: Hybrid mode recommended
2028: Deprecation warnings begin
2029: Feature freeze, security fixes only
2030 Q1: Complete removal from library