This rule finds uses of encryption algorithms with too small a key size. Encryption algorithms are vulnerable to brute-force attacks when the key size is too small.

The key should be at least 2048 bits long when using RSA encryption, and at least 128 bits long when using symmetric encryption.
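The following added example (not part of the original rule or its implementation) sketches how such a check can work on Python source, using the standard `ast` module to flag literal key sizes below the two minimums above. It assumes the call shapes `rsa.generate_private_key(..., key_size=N)` from the `cryptography` package and `RSA.generate(N)` from PyCryptodome; the symmetric check is a hypothetical heuristic that only matches `<Cipher>.new(<random bytes call>(N), ...)`.

```python
import ast

MIN_RSA_BITS = 2048        # RSA minimum stated on this page
MIN_SYMMETRIC_BITS = 128   # symmetric minimum stated on this page
RSA_CALLS = {"rsa.generate_private_key": ("key_size", 1),  # cryptography
             "RSA.generate": ("bits", 0)}                  # PyCryptodome
RANDOM_BYTES = {"urandom", "token_bytes", "get_random_bytes"}

# Constructed sample input (imports omitted); it is parsed, never executed.
SAMPLE = '''\
weak = rsa.generate_private_key(public_exponent=65537, key_size=1024)
ok = rsa.generate_private_key(public_exponent=65537, key_size=2048)
weak2 = RSA.generate(1024)
c1 = Blowfish.new(os.urandom(8), Blowfish.MODE_CBC)
c2 = Blowfish.new(os.urandom(16), Blowfish.MODE_CBC)
'''

def _dotted(node):
    """Dotted name of a call target, e.g. 'rsa.generate_private_key'."""
    if isinstance(node, ast.Attribute):
        return _dotted(node.value) + "." + node.attr
    return node.id if isinstance(node, ast.Name) else "?"

def _int_arg(call, keyword, index):
    """Integer literal passed as `keyword` or at position `index`, else None."""
    node = next((k.value for k in call.keywords if k.arg == keyword), None)
    if node is None and len(call.args) > index:
        node = call.args[index]
    ok = isinstance(node, ast.Constant) and type(node.value) is int
    return node.value if ok else None

def find_small_keys(source):
    """Return sorted (line, kind, bits) for literal key sizes below the minimums."""
    findings = []
    for call in ast.walk(ast.parse(source)):
        if not isinstance(call, ast.Call):
            continue
        name = _dotted(call.func)
        for suffix, (keyword, index) in RSA_CALLS.items():
            bits = _int_arg(call, keyword, index) if name.endswith(suffix) else None
            if bits is not None and bits < MIN_RSA_BITS:
                findings.append((call.lineno, "RSA", bits))
        # Symmetric heuristic: Cipher.new(<random bytes call>(N), ...) with literal N.
        key = call.args[0] if name.endswith(".new") and call.args else None
        if isinstance(key, ast.Call) and _dotted(key.func).split(".")[-1] in RANDOM_BYTES:
            nbytes = _int_arg(key, "nbytes", 0)
            if nbytes is not None and nbytes * 8 < MIN_SYMMETRIC_BITS:
                findings.append((call.lineno, "symmetric", nbytes * 8))
    return sorted(findings)
```

Calling `find_small_keys(SAMPLE)` reports lines 1, 3 and 4 of the sample. Key sizes passed through variables are not followed, which is the gap a data-flow-based rule closes.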
