
Why Short DKIM Keys in 2026 Are a Real Security Risk, Not Just a Best Practice Warning

In 2024, researchers cracked a 384-bit DKIM key in a matter of hours. Not through a zero-day. Through standard factorization and computing power available to anyone with a budget.

That matters, because whoever holds your DKIM private key can send email that passes DKIM verification: authenticated phishing that slips past one of your main email security controls without anyone noticing.

What cracking a DKIM key actually means

DKIM signs email headers with a private key. The public key lives in DNS. Anyone with the private key can sign emails that verify as coming from your domain.

If an attacker factors your public DKIM key, they have the private key. They can send email that appears to be from your domain, and receiving servers see a valid DKIM signature. SPF does not matter: DMARC passes when either aligned SPF or aligned DKIM passes, so the forged signature alone authenticates the message.

This is not theoretical fraud. This is authenticated phishing that passes DKIM and looks completely legitimate to every receiving server that checks it.

Why DKIM keys are different from SSL/TLS

SSL/TLS certificates rotate. Most organizations replace them every 90 days. If someone cracks an SSL key, it is only useful until the next rotation.

DKIM keys do not rotate on their own. Most organizations set them once. Some have had the same DKIM key active for years.

That means a cracked DKIM key is useful for months or years, not hours. The economics change: spend effort once, use the key indefinitely. That is why short DKIM keys are a real risk and not just a theoretical concern.

The key lengths and what they mean

384-bit RSA - Used by some legacy systems and smaller providers. Researchers cracked this in hours. Treat any 384-bit key as compromised.

1024-bit RSA - Bare minimum today, and questionable. Factorable with substantial but achievable resources. Do not use for new deployments.

2048-bit RSA - Current recommended minimum. Factorable in theory; in practice requires nation-state resources or extreme dedicated effort. The standard for new DKIM deployments.

The practical line: anything below 2048-bit is a finding. Anything 384-bit is an emergency.

How to check your DKIM key length

A DNS lookup tells you what you need:

dig TXT selector._domainkey.yourdomain.com

Look for the p= value. That is your public key, base64-encoded. A 2048-bit key is longer than the 255-byte limit of a single TXT string, so dig prints it as two or more quoted strings; concatenate them before judging the length.

Rough character counts to know:

  • ~50-60 base64 characters: 384-bit
  • ~90 characters: 512-bit
  • ~170-180 characters: 1024-bit
  • ~340-350 characters: 2048-bit

Most major providers (Google, Microsoft, Mailchimp, SendGrid) use 2048-bit by default. Smaller or older providers sometimes still use 1024-bit or 384-bit.
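Counting base64 characters is a rough guide; the exact answer comes from decoding the p= value and reading the modulus length out of the DER structure. The following is an added example, not code from the original post or from DMARCFlow: it joins the quoted strings dig prints, parses the DKIM record tags, walks the SubjectPublicKeyInfo with a minimal DER reader (standard library only), and classifies the key with the thresholds the post uses (384-bit is an emergency, anything under 2048-bit is a finding). The sample keys are constructed moduli of the right bit length, not real keys; the selector and domain names are placeholders.

```python
import base64
import re

# DER body of OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
RSA_OID = bytes.fromhex("2a864886f70d010101")


def txt_strings_to_record(dig_txt):
    """Join the quoted strings dig prints for one TXT record into one DKIM record.
    Any 2048-bit RSA key exceeds 255 bytes and is published as several strings;
    verifiers concatenate them, and so must this check."""
    return "".join(re.findall(r'"([^"]*)"', dig_txt))


def parse_dkim_record(record):
    """Split 'v=DKIM1; k=rsa; p=...' into a tag dictionary."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip()] = value.strip()
    return tags


def _read_tlv(buf, pos):
    """Read one DER tag-length-value at pos; return (tag, value, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low bits give the number of length bytes
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, buf[pos:pos + length], pos + length


def rsa_modulus_bits(spki_der):
    """Bit length of the modulus in a DER SubjectPublicKeyInfo carrying an RSA key."""
    tag, spki, _ = _read_tlv(spki_der, 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, alg_id, pos = _read_tlv(spki, 0)            # AlgorithmIdentifier
    _, oid, _ = _read_tlv(alg_id, 0)
    if oid != RSA_OID:
        raise ValueError("not an rsaEncryption key")
    tag, bit_string, _ = _read_tlv(spki, pos)      # BIT STRING wrapping RSAPublicKey
    if tag != 0x03:
        raise ValueError("expected BIT STRING")
    _, rsa_pub, _ = _read_tlv(bit_string[1:], 0)   # skip the unused-bits byte
    _, modulus, _ = _read_tlv(rsa_pub, 0)          # first INTEGER is the modulus n
    return int.from_bytes(modulus, "big").bit_length()


def assess_dkim_record(record):
    """Return (key_type, bits, verdict) using the post's thresholds."""
    tags = parse_dkim_record(record)
    p = re.sub(r"\s+", "", tags.get("p", ""))      # RFC 6376 allows whitespace inside p=
    if p == "":
        return ("revoked", 0, "revoked")           # empty p= means the selector is revoked
    key = base64.b64decode(p)
    if tags.get("k", "rsa") == "ed25519":
        return ("ed25519", len(key) * 8, "ok")     # p= holds the raw 32-byte key (RFC 8463)
    bits = rsa_modulus_bits(key)
    if bits <= 384:
        verdict = "emergency"
    elif bits < 2048:
        verdict = "finding"
    else:
        verdict = "ok"
    return ("rsa", bits, verdict)


# --- constructed sample data (not real keys) ---------------------------------
def _der(tag, body):
    if len(body) < 0x80:
        return bytes([tag, len(body)]) + body
    lb = len(body).to_bytes((len(body).bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body


def _der_uint(n):
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if b[0] & 0x80:
        b = b"\x00" + b  # keep the INTEGER positive
    return _der(0x02, b)


def make_rsa_spki(bits, e=65537):
    """SubjectPublicKeyInfo whose modulus has exactly `bits` bits. The modulus is a
    constructed number: fine for a length check, useless for signing."""
    n = (1 << (bits - 1)) | 1
    rsa_pub = _der(0x30, _der_uint(n) + _der_uint(e))
    alg_id = _der(0x30, _der(0x06, RSA_OID) + _der(0x05, b""))
    return _der(0x30, alg_id + _der(0x03, b"\x00" + rsa_pub))


def sample_record(bits):
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(make_rsa_spki(bits)).decode()


def as_dig_strings(record):
    """Render a record the way dig prints it: quoted chunks of at most 255 characters."""
    return " ".join('"%s"' % record[i:i + 255] for i in range(0, len(record), 255))


SAMPLE_ED25519_RECORD = "v=DKIM1; k=ed25519; p=" + base64.b64encode(bytes(32)).decode()

if __name__ == "__main__":
    for bits in (384, 1024, 2048):
        print(bits, assess_dkim_record(sample_record(bits)))
    print("from dig:", assess_dkim_record(txt_strings_to_record(as_dig_strings(sample_record(2048)))))
```

To use it against a live selector, paste the TXT strings from the dig output into txt_strings_to_record and pass the result to assess_dkim_record; the decoded bit length is what to compare against the 2048-bit line, not the character count.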

What to do if you find short keys

  1. Check provider support - Most major providers support 2048-bit. If yours does not, escalate it.
  2. Rotate the key - Regenerate in your provider's admin panel, update the DNS TXT record. Allow an overlap window where both keys are valid; DKIM has no built-in key rotation signaling.
  3. Audit third-party senders - If a marketing platform or SaaS tool sends on your behalf with a short key, contact them and demand 2048-bit minimum, or remove them from your sending infrastructure.

What DKIM2 means for key length

DKIM2 requires SHA-256 for hashing and allows Ed25519 keys, but it does not change the minimum key length requirement. 2048-bit RSA remains the recommended minimum.

If you are already using 2048-bit, your key length is aligned with what DKIM2 will require. If you are using shorter keys, the DKIM2 transition is an additional reason to rotate - the protocol is moving toward stronger crypto defaults.

What DMARCFlow does here

Aggregate reports do not show key length directly - that requires a DNS lookup. What they show is whether your DKIM pass rate is consistent. A sudden unexplained drop in DKIM pass rate, especially from a specific receiving infrastructure, can indicate an attacker testing a cracked key or attempting to route around your signatures.

DMARCFlow aggregate reports break down DKIM pass rate by sending domain and receiving infrastructure. When you combine that visibility with periodic DNS checks on your DKIM key lengths, you have both the real-time monitoring and the manual audit that this risk requires.
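The monitoring side described above can be reproduced from raw RUA reports. The following is an added example, not DMARCFlow's code: it aggregates the DKIM result from <policy_evaluated> per receiving organization across a set of RFC 7489 aggregate reports, computes a pass rate, and flags any receiver whose rate fell by more than a chosen absolute margin against a baseline period. The reports, org names, IP addresses and counts are constructed test data (built by make_report), and the 20-point drop threshold is an assumption to tune for your own volume.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict


def make_report(org_name, rows):
    """Constructed DMARC aggregate report (RFC 7489 Appendix C layout) with one
    <record> per (source_ip, count, dkim_result) tuple. Test data only."""
    records = "".join(
        f"<record><row><source_ip>{ip}</source_ip><count>{count}</count>"
        f"<policy_evaluated><disposition>none</disposition><dkim>{dkim}</dkim>"
        f"<spf>pass</spf></policy_evaluated></row>"
        f"<identifiers><header_from>example.com</header_from></identifiers>"
        f"<auth_results><dkim><domain>example.com</domain><selector>s1</selector>"
        f"<result>{dkim}</result></dkim></auth_results></record>"
        for ip, count, dkim in rows
    )
    return (
        f"<feedback><report_metadata><org_name>{org_name}</org_name></report_metadata>"
        f"<policy_published><domain>example.com</domain></policy_published>"
        f"{records}</feedback>"
    )


def dkim_pass_counts(reports):
    """Aggregate {receiving org: [dkim_pass_messages, total_messages]} over reports.
    Reports come from third parties, so a hardened XML parser is advisable in
    production; ElementTree is used here on constructed input only."""
    acc = defaultdict(lambda: [0, 0])
    for xml_text in reports:
        root = ET.fromstring(xml_text)
        org = root.findtext("report_metadata/org_name", default="unknown")
        for rec in root.iter("record"):
            count = int(rec.findtext("row/count", default="0"))
            acc[org][1] += count
            if rec.findtext("row/policy_evaluated/dkim") == "pass":
                acc[org][0] += count
    return acc


def dkim_pass_rates(reports):
    """Fraction of messages each receiver evaluated as DKIM pass."""
    return {
        org: passed / total
        for org, (passed, total) in dkim_pass_counts(reports).items()
        if total
    }


def flag_dkim_drops(baseline_rates, current_rates, min_drop=0.2):
    """Receivers whose DKIM pass rate fell by more than min_drop (absolute)
    against the baseline period: the signal worth investigating."""
    return {
        org: (baseline_rates[org], rate)
        for org, rate in current_rates.items()
        if org in baseline_rates and baseline_rates[org] - rate > min_drop
    }


# Constructed baseline and current periods: receiver-a's pass rate collapses,
# receiver-b stays steady.
BASELINE_REPORTS = [
    make_report("receiver-a.example", [("192.0.2.10", 900, "pass"), ("198.51.100.7", 100, "fail")]),
    make_report("receiver-b.example", [("192.0.2.10", 200, "pass")]),
]
CURRENT_REPORTS = [
    make_report("receiver-a.example", [("192.0.2.10", 400, "pass"), ("203.0.113.5", 600, "fail")]),
    make_report("receiver-b.example", [("192.0.2.10", 190, "pass"), ("192.0.2.10", 10, "fail")]),
]

if __name__ == "__main__":
    flagged = flag_dkim_drops(dkim_pass_rates(BASELINE_REPORTS), dkim_pass_rates(CURRENT_REPORTS))
    for org, (before, now) in flagged.items():
        print(f"{org}: DKIM pass rate {before:.0%} -> {now:.0%}")
```

A flagged receiver is a prompt to pull the failing source IPs from the same reports and to re-run the key-length check on every selector in use; the drop itself says nothing about the cause until both are done.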

The short version

384-bit and 1024-bit DKIM keys are crackable. When an attacker cracks one, they can send authenticated phishing that passes DKIM - messages that look completely legitimate to receiving servers.

DKIM keys do not auto-rotate. A cracked key is useful for months or years. That makes it worth attacking.

Check your DKIM key length via DNS. Upgrade anything below 2048-bit. If your provider cannot give you 2048-bit DKIM, that is a vendor worth replacing.