diff --git a/lib/jwk/key/rsa.js b/lib/jwk/key/rsa.js
index 999f0bd357..42d53c90ef 100644
--- a/lib/jwk/key/rsa.js
+++ b/lib/jwk/key/rsa.js
@@ -62,6 +62,10 @@ class RSAKey extends Key { } algorithms (operation, { use = this.use, alg = this.alg } = {}) { + if (this.length < 2048) { + return new Set() + } + + if (alg) { return new Set(this.algorithms(operation, { alg: null, use }).has(alg) ? [alg] : undefined) }
@@ -106,7 +110,7 @@ class RSAKey extends Key {
 }
 static async generate (len = 2048, opts, privat = true) {
- if (!Number.isSafeInteger(len) || len < 512 || len % 8 !== 0) {
+ if (!Number.isSafeInteger(len) || len < 2048 || len % 8 !== 0) {
 throw new TypeError('invalid bit length')
 }
@@ -116,7 +120,7 @@ class RSAKey extends Key {
 }
 static generateSync (len = 2048, opts, privat = true) {
- if (!Number.isSafeInteger(len) || len < 512 || len % 8 !== 0) {
+ if (!Number.isSafeInteger(len) || len < 2048 || len % 8 !== 0) {
 throw new TypeError('invalid bit length')
 }
diff --git a/test/fixtures/index.js b/test/fixtures/index.js
index 0c445f9e4c..51cfeba94b 100644
--- a/test/fixtures/index.js
+++ b/test/fixtures/index.js
@@ -45,6 +45,8 @@ module.exports.JWK = {
 }
 }
+module.exports.RSA_512 = readFileSync(join(__dirname, 'rsa_512.pem'))
+
 module.exports.PEM = {
 RSA: {
 private: readFileSync(join(__dirname, 'rsa.key')),
diff --git a/test/fixtures/rsa_512.pem b/test/fixtures/rsa_512.pem
new file mode 100644
index 0000000000..4e89803c32
--- /dev/null
+++ b/test/fixtures/rsa_512.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANfIj0FsIfWjNqyGxriALLDMU6qUTts+
+LvQc2rVWj9iC4IPFZKIFZB10V+FDGBsA8o9VmQlA6/fDxsZNW+rRLckCAwEAAQ==
+-----END PUBLIC KEY-----
diff --git a/test/jwk/rsa.test.js b/test/jwk/rsa.test.js
index 54e654e0c4..0a074f5e48 100644
--- a/test/jwk/rsa.test.js
+++ b/test/jwk/rsa.test.js
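Review bot: The `2048` floor in `algorithms()` is a bare literal that this commit repeats in the `generate` and `generateSync` hunks, so the three checks can drift apart; a single module-level constant, e.g. `const MIN_RSA_BITS = 2048`, used in all three would keep them in step. The guard also deserves a comment saying why it exists, such as `// RFC 7518 requires RSA keys of 2048 bits or larger for the RS*, PS* and RSA key-management algorithms`. Because an undersized key now yields an empty Set rather than an error, callers will presumably see a generic unsupported-algorithm failure with no hint that key size is the cause; it is worth confirming that every sign, verify, encrypt and decrypt path consults `algorithms()`, since that is not visible here. The method body continues outside the hunk.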
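Review bot: `'invalid bit length'` in `generate` now covers a non-integer, a length below 2048 and a length that is not a multiple of 8, so a caller who previously passed 1024 gets no hint which rule was hit or what the new minimum is. Consider naming the constraint, e.g. `throw new TypeError('invalid bit length, expected a multiple of 8 of at least 2048')`, and doing the same in the `generateSync` hunk; check first whether existing tests match on the current message. Both method bodies continue outside their hunks.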
@@ -34,6 +34,14 @@ test(`RSA key .algorithms invalid operation`, t => {
 t.deepEqual([...result], ['PS256', 'RS256', 'PS384', 'RS384', 'PS512', 'RS512', 'RSA-OAEP', 'RSA1_5'])
 })
+ test('RSA < 2048 bits does not support any algorithms', t => {
+ const keyObject = createPublicKey(fixtures.RSA_512)
+ const key = new RSAKey(keyObject)
+ const result = key.algorithms()
+ t.is(result.constructor, Set)
+ t.deepEqual([...result], [])
+ })
+
 test('RSA Private key algorithms (no operation, w/ alg)', t => {
 const key = new RSAKey(keyObject, { alg: 'RS256' })
 const result = key.algorithms()
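Review bot: The new test pins only the no-argument `algorithms()` call on a public key, so the other paths the guard is meant to cut off are not covered: a key constructed with an `alg` option, a call with an explicit operation, and the raised minimum in `generate`/`generateSync`. Adding `t.deepEqual([...new RSAKey(keyObject, { alg: 'RS256' }).algorithms()], [])` inside this test and `t.throws(() => RSAKey.generateSync(1024), { instanceOf: TypeError, message: 'invalid bit length' })` would cover them. A key just below the limit would exercise the boundary better than a 512-bit one, and since the fixture holds a public key only, the private-key path stays untested. The body of the following test continues outside the hunk.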