Most of cryptographic systems require a sufficient key size to be robust against brute-force attacks.

NIST recommendations will be checked:

Use / Algorithm DSA RSA ECDSA DH MQV ECDH ECMQV Block Cipher
Digital Signature Generation p ≥ 2048 AND q ≥ 224 n ≥ 2048 See table below x x x x x
Digital Signature Verification p ≥ 2048 AND q ≥ 224 n ≥ 2048 See table below x x x x x
Key Agreement x x x p ≥ 2048 AND q ≥ 224 p ≥ 2048 AND q ≥ 224 See table below See table below x
Encryption and Decryption x x x x x x x AES-128, 192, 256

This rule will not raise issues for ciphers that are considered weak (no matter the key size) like DES, Blowfish.

h3. Notation
* DSA ([Digital Signature Algorithm
https://en.wikipedia.org/wiki/Digital_Signature_Algorithm]): p is key length and q the modulus length
* EC ([Elliptic-curve
https://en.wikipedia.org/wiki/Elliptic-curve_cryptography])
EC parameters EB EC ED EE
Length of n 224-255 256-383 384-511 512+
Maximum bit length of cofactor h 14 16 24

Noncompliant Code Example

$config = array(
    "digest_alg" => "sha512",
    "private_key_bits" => 1024, // Noncompliant
    "private_key_type" => OPENSSL_KEYTYPE_RSA,
);
$res = openssl_pkey_new($config);

Compliant Solution

$config = array(
    "digest_alg" => "sha512",
    "private_key_bits" => 2048 // Compliant
    "private_key_type" => OPENSSL_KEYTYPE_RSA,
);
$res = openssl_pkey_new($config);

See

* OWASP Top 10 2017 Category A3 - Sensitive Data Exposure

* OWASP Top 10 2017 Category A9 - Security Misconfiguration

* NIST 800-131A - Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths

* MITRE, CWE-326 - Inadequate Encryption Strength