Encryption key length – Allied Telesis AT-S63 User Manual

Chapter 33: Encryption Keys

390

Section IX: Management Security

Encryption Key Length

When you create a key pair, you have to specify its length in bits. The
range is 512, the default, to 1,536 bits, in increments of 256 bits. The
longer the key, the more difficult it is for someone to decipher. If you are
particularly concerned about the safety of your management sessions,
you might want to use a longer key length than the default, though the
default is likely to be sufficient in most situations.

Creating a key is a very CPU intensive operation for the switch. Although
the switch does not stop forwarding packets between the ports, the
process can impact the CPU’s handling of network events, such as the
processing of spanning tree BPDU packets, which can result in
unexpected and unwanted switch behavior.

A key with the default length should take the switch less than a minute to
create. Longer keys can take up to 15 minutes. You should take this into
account when creating a key to minimize the impact to the operations of
your network. If you intend to create a long key, consider creating it before
you connect the switch to the network, or during periods of low network
traffic.