When setting up DKIM, you'll need to choose a key size. The two most common options are 1024-bit and 2048-bit RSA keys. While both can technically work, they offer very different levels of security—and the choice matters more than you might think.
This guide explains the differences, the security implications, and provides a clear recommendation for which key size to use in 2025 and beyond.
Understanding DKIM Key Sizes
DKIM uses RSA public-key cryptography. The "bit" number refers to the key length—essentially how large and complex the cryptographic key is.
How RSA Works (Simply Explained)
DKIM signing involves:
- A private key on your mail server that signs outgoing emails
- A public key in your DNS that receiving servers use to verify signatures
The key size determines how difficult it is for an attacker to "crack" the key—to derive your private key from the public one and forge signatures.
1024-bit Keys: The Legacy Standard
1024-bit keys were the original DKIM standard and are still widely supported.
Advantages
- Universal compatibility – Works with all email systems and DNS providers
- Smaller DNS records – Fits easily in a single DNS TXT record
- Faster signing/verification – Less computational overhead (though negligible in practice)
Disadvantages
- Weaker security – Cryptographic strength is insufficient by modern standards
- Potentially crackable – With sufficient resources, 1024-bit RSA keys can theoretically be broken
- Not future-proof – Security margin will only decrease over time
Security Concerns
In 2012, researchers demonstrated that 1024-bit RSA keys could be factored (cracked) with significant computing resources. While not trivial, it's within reach of well-funded attackers or nation-states.
Major cryptographic organizations, including NIST, have recommended against 1024-bit RSA since 2013 for any security-critical applications.
2048-bit Keys: The Modern Standard
2048-bit keys are now the recommended standard for DKIM and all RSA applications.
Advantages
- Strong security – Considered secure through at least 2030 by NIST
- Future-proof – Adequate security margin for years to come
- Industry standard – Required or recommended by major email providers
- No practical performance impact – Modern servers handle 2048-bit easily
Disadvantages
- Larger DNS records – May require splitting across multiple strings
- Some DNS limitations – Very old DNS systems may have issues (rare)
Security Comparison
Here's how the key sizes compare in terms of security:
| Aspect | 1024-bit | 2048-bit |
|---|---|---|
| Cryptographic strength | ~80 bits of security | ~112 bits of security |
| Estimated time to crack | Potentially feasible with resources | Infeasible with current technology |
| NIST recommendation | Deprecated since 2013 | Recommended through 2030+ |
| PCI-DSS compliance | Not compliant | Compliant |
| Industry status | Legacy/discouraged | Current standard |
The security difference is substantial. A 2048-bit key is not just "twice as good"—it's exponentially harder to break. Cracking a 2048-bit key would require computing power millions of times greater than cracking a 1024-bit key.
DNS Considerations
One practical difference involves DNS record sizes:
1024-bit Public Key
A 1024-bit public key is approximately 180 characters, fitting easily in a single DNS TXT record.
2048-bit Public Key
A 2048-bit public key is approximately 400 characters. Some DNS providers may require splitting this across multiple quoted strings within the TXT record:
v=DKIM1; k=rsa; p="MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA..."
"...continuation of public key..."
Most modern DNS providers handle this automatically. If yours doesn't, you can manually split the key at any point (avoiding the v= and p= prefixes).
What Major Email Providers Require
Google Workspace
Google supports both 1024-bit and 2048-bit keys but recommends 2048-bit. When generating DKIM keys in the Admin Console, 2048-bit is the default option.
Microsoft 365
Microsoft requires 2048-bit keys for DKIM. 1024-bit keys are not supported for new configurations.
Major Email Receivers
Gmail, Yahoo, Outlook, and other major providers accept both key sizes for verification. However, using 1024-bit may trigger additional scrutiny or reputation penalties from security-conscious receivers.
Our Recommendation: Use 2048-bit
There's no good reason to use 1024-bit keys in 2025. Here's why:
- Security is paramount – DKIM protects your domain from impersonation. Use the strongest available protection.
- Compatibility is not an issue – All modern email systems support 2048-bit keys.
- DNS handling is solved – Major DNS providers handle large TXT records without problems.
- Future-proofing – You won't need to urgently upgrade later when 1024-bit becomes completely deprecated.
- Compliance – Many security frameworks require 2048-bit minimum.
Bottom line: Always choose 2048-bit DKIM keys for new implementations.
What If You're Currently Using 1024-bit?
If you have existing 1024-bit DKIM keys, consider upgrading:
Priority: High
- Organizations handling sensitive data (healthcare, finance, legal)
- Businesses with compliance requirements (PCI-DSS, SOC 2, HIPAA)
- High-volume senders where reputation is critical
Priority: Medium
- General business email
- Marketing email senders
- Any organization that hasn't rotated keys recently
How to Upgrade
Upgrading from 1024-bit to 2048-bit follows the standard key rotation process:
- Generate a new 2048-bit key pair
- Publish the new public key with a new selector
- Update your mail server to use the new key
- Monitor for issues
- Remove the old 1024-bit key
What About Larger Keys?
4096-bit Keys
Some systems support 4096-bit keys, but they're not recommended for DKIM:
- DNS limitations – Keys exceed 512 bytes, causing issues with some DNS resolvers
- Diminishing returns – 2048-bit is already secure through 2030+
- Compatibility issues – Some email systems don't support keys this large
- Performance overhead – Signing is noticeably slower (though still fast)
2048-bit provides the optimal balance of security and compatibility.
Ed25519 (Elliptic Curve)
Some discussions mention Ed25519, an elliptic curve algorithm that offers strong security with smaller keys. However:
- Support is still emerging in the email ecosystem
- Not all email receivers validate Ed25519 signatures
- RSA 2048-bit remains the safe, compatible choice
Watch for Ed25519 adoption in the future, but stick with RSA 2048-bit for now.
Checking Your Current Key Size
To find out what key size your domain currently uses:
Method 1: DNS Lookup
Query your DKIM record and examine the public key length:
dig TXT [selector]._domainkey.yourdomain.com
- ~180 characters in the
p=value = 1024-bit - ~400 characters in the
p=value = 2048-bit
Method 2: Online Tools
Use MxToolbox's DKIM Lookup tool—it will tell you the key size directly.
Method 3: Email Headers
Check a received email's authentication results. Some providers include the key size in their DKIM verification output.
0 comments