Our users are aware that old Syncplify.me Server! versions (from 1.0 to 3.x) used to support only a single host key, and it had to be an RSA key.
As of version 4.0, though, Syncplify.me Server! supports RSA, DSA, and ECDSA host keys, and it support multiple (unlimited) host keys per virtual server.
The addition of DSA keys was mostly driven by the fact that some of our customers possess legacy DSA host/server keys that they are required to use, in order for certain client applications to work properly. The addition of ECDSA host keys instead is a truly remarkable new feature, and to understand why just check out the comparison table here below:
| ECDSA key size | RSA/DSA equivalent key size |
| 256 | 3,072 |
| 384 | 7,680 |
| 521 | 15,360 |
As you can see, a relatively small ECDSA key size is equivalent, in terms of security, to a much longer RSA or DSA key. This means greatly increased security and lower CPU usage. It’s a win-win.
So what’s the downside? Well, being a relatively new technology, ECDSA keys with ECDH key exchange, older client software may not support it yet. But that’s another reason why our version 4.0 now supports multiple host keys, so that you can have both a brand new ECDSA key and a legacy RSA key for all those clients that don’t support the new technology yet.