Are people using 4096-bit DKIM keys, and what is the recommended DKIM key length?

Key findings

• 4096-bit keys: While not yet widespread, 4096-bit DKIM keys are being generated and observed in use by some senders, particularly those seeking enhanced security.
• 2048-bit standard: The industry standard and recommended minimum for new DKIM implementations remains 2048-bit, offering a good balance between security and broad compatibility. You can learn more about the trade-offs in our guide on 1024-bit vs 2048-bit DKIM keys.
• Deprecation of shorter keys: Keys shorter than 1024-bits (like 512-bit or 768-bit) are considered insecure and are often deprecated by major mailbox providers, leading to authentication failures.
• RFC recommendations: RFC 6376, the standard for DKIM, states that signers MUST use RSA keys of at least 1024 bits for long-lived keys. Find the official documentation on the IETF Datatracker.

Key considerations

• Compatibility: While 2048-bit is broadly supported, the compatibility of 4096-bit keys across all email systems and DNS providers might vary. Some older systems may encounter issues.
• DNS record length: Longer keys result in larger DNS TXT records. This can pose challenges if your DNS provider has limitations on TXT record length.
• Performance impact: While negligible for most senders, very long keys can theoretically slightly increase processing time for signing and verification.
• Future-proofing: As computing power increases, stronger encryption becomes necessary over time. However, the current consensus is that 2048-bit keys provide sufficient security for the foreseeable future.

Key opinions

• Adoption of 4096-bit: Some marketers and implementers are experimenting with or have successfully deployed 4096-bit keys, indicating a move towards higher security, albeit selectively.
• Preference for 2048-bit: Many still prefer 2048-bit keys due to their proven reliability and wide acceptance across various email ecosystems.
• Concerns about older systems: There are valid concerns about whether all recipient systems, especially older ones, can correctly process and verify DKIM signatures made with 4096-bit keys, potentially leading to deliverability issues.
• Monitoring key sizes: Marketers are interested in monitoring the prevalence of different key sizes in the wild to inform their own authentication strategies.

Key considerations

• DNS limitations: The practicality of implementing longer keys often hinges on DNS provider capabilities, as some have TXT record length limitations that might prevent publishing a 4096-bit key.
• Inbox placement risk: Introducing a key length not widely supported could result in DMARC failures and negatively impact inbox placement, making it a cautious choice for production environments.
• Ease of rotation: While larger keys are more secure, the process of generating and rotating them should also be considered. Best practices for DKIM key rotation apply regardless of length.
• Security vs. practicality: For many, the perceived security benefit of 4096-bit keys doesn't yet outweigh the potential compatibility and operational complexities. Mailjet provides a detailed comparison on DKIM 1024 vs 2048.

Key opinions

• Sufficiency of 2048-bit: Many experts agree that 2048-bit keys currently provide ample security against known cryptographic attacks for email authentication.
• Limited 4096-bit support: While 4096-bit offers greater cryptographic strength, its support is not universally mandated by RFCs, meaning some verifiers might not support it, even if there's no technical reason they wouldn't.
• Insecurity of short keys: Keys like 512-bit are easily crackable with modern computing power, making them highly vulnerable. Gmail, for example, deprecated 512-bit on the inbound side years ago.
• Forward-thinking security: There's a continuous need to evaluate key lengths against evolving attack methodologies, even if current keys are deemed secure. Twilio offers insights into 2048-bit DKIM keys and best practices.

Key considerations

• Cryptographic strength vs. overhead: Longer keys increase cryptographic strength but also computational overhead. Experts weigh this trade-off for practical email systems.
• RFC compliance: Adhering to RFC-mandated key lengths ensures the broadest compatibility and highest chance of successful DKIM validation. Understanding best practices for SPF, DKIM, and DMARC is crucial.
• Key rotation strategy: Regardless of key length, regular key rotation is a critical security practice to mitigate the risk of compromise over time.
• Monitoring: Experts recommend continuously monitoring key usage in email streams to gather data and inform future recommendations on appropriate key sizes.

Key findings

• RFC 6376 minimum: The RFC specifies that RSA keys of at least 1024 bits MUST be used for long-lived DKIM keys, setting a baseline for security.
• 2048-bit as common practice: While 2048-bit isn't explicitly a MUST requirement, it is widely adopted and recommended by major email platforms and authentication guides as a robust choice.
• No 4096-bit mandate: There is no current RFC or widespread documentation mandating the use of 4096-bit DKIM keys, suggesting they are an optional enhancement rather than a standard requirement.
• DNS TXT record limits: Documentation often notes the practical constraints of DNS TXT records, which can limit the maximum length of a DKIM public key, especially for 4096-bit keys.

Key considerations

• Adherence to standards: To ensure maximum deliverability and trust, it is crucial to adhere to the latest DKIM specifications and recommended practices for implementing DKIM.
• Interoperability: While technically possible, using key lengths significantly beyond the recommended standard (e.g., 2048-bit) can introduce interoperability challenges with some older or less compliant systems.
• DNS record management: Organizations should consult their DNS provider's documentation regarding TXT record size limits when considering larger DKIM keys to avoid publication issues. Consider a custom DKIM signature to manage this.
• Security vs. practicality: Documentation generally prioritizes the balance between sufficient security and broad, reliable implementation across the internet.