At this time the assumption is that a key for a symmetric encryption method should be at least 100 bit to be considered adequately secure. Asymmetric keys, as for example used in many public key methods, require longer keys for their security to be equivalent to symmetrical processes. 40 or 64 bit keys are now considered inadequate and unsecure.
Long keys do negatively impact the performance of applications based on the processing power required from the device for encryption and decryption. So depending on a device’s processing power it may take considerably longer to encrypt a message with a long key and to decrypt the message on the other end.
