Cracking a 512-bit DKIM key for less than $8 in the cloud

A study of the SPF, DKIM, and DMARC records of the top 1M websites found over 1,700 public DKIM keys shorter than 1,024 bits, a length that has fallen short of security standards since 2018. In the experiment, a 512-bit key from redfin.com was cracked by factoring it on a cloud server. Most email providers rejected the DKIM signature made with the cracked key, but Yahoo Mail, Mailfence, and Tuta passed it, which raises concerns. Because advances in technology keep making key cracking easier, RSA keys shorter than 1,024 bits call for stronger precautions. Domain owners are advised to review outdated DKIM records and confirm that they meet the 1,024-bit minimum, so that email authentication stays secure.

https://dmarcchecker.app/articles/crack-512-bit-dkim-rsa-key
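For the record review recommended above, the following added example (not code from the linked article) measures the RSA modulus length in a DKIM key record and flags anything under 1,024 bits. The function names and verdict strings are assumptions made for illustration, the sample records are constructed with a placeholder modulus rather than a real key, and the parser goes slightly beyond the summary by accepting both SubjectPublicKeyInfo and bare RSAPublicKey encodings.

```python
import base64

MIN_BITS = 1024  # minimum key size cited in the summary above

def parse_tags(record):
    """Split a DKIM TXT record into tag=value pairs, dropping whitespace."""
    pairs = (part.split("=", 1) for part in record.split(";") if "=" in part)
    return {k.strip(): "".join(v.split()) for k, v in pairs}

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the count of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def rsa_modulus_bits(der):
    """Bit length of the modulus in a SubjectPublicKeyInfo or bare RSAPublicKey."""
    _, start, _ = read_tlv(der, 0)            # outer SEQUENCE
    tag, vs, ve = read_tlv(der, start)        # first child of that SEQUENCE
    if tag == 0x30:                           # AlgorithmIdentifier, so this is SPKI
        _, bits_start, _ = read_tlv(der, ve)  # BIT STRING wrapping RSAPublicKey
        _, seq_start, _ = read_tlv(der, bits_start + 1)  # skip unused-bits byte
        tag, vs, ve = read_tlv(der, seq_start)
    if tag != 0x02:
        raise ValueError("RSA modulus INTEGER not found")
    return int.from_bytes(der[vs:ve], "big").bit_length()

def check_record(record):
    """Return (bits, verdict) for one DKIM key record."""
    tags = parse_tags(record)
    if tags.get("k", "rsa") != "rsa" or not tags.get("p"):
        return None, "skipped"  # non-RSA key, or empty p= (revoked per RFC 6376)
    bits = rsa_modulus_bits(base64.b64decode(tags["p"]))
    return bits, "ok" if bits >= MIN_BITS else "too-short"

def tlv(tag, body):  # minimal DER encoder, used only to build constructed samples
    n, size = len(body), (len(body).bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def sample_record(bits):  # constructed record; modulus is a placeholder, not a key
    n = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")
    rsa = tlv(0x30, tlv(0x02, n) + tlv(0x02, b"\x01\x00\x01"))
    spki = tlv(0x30, tlv(0x30, bytes.fromhex("06092a864886f70d0101010500")) + tlv(0x03, b"\x00" + rsa))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()
```

Feed `check_record` the TXT value published at `<selector>._domainkey.<domain>`, with any split strings already concatenated.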
