I remember when people who used 1024-bit keys were considered hopelessly paranoid. In real life it really wasn't all that long ago. In internet time, it was ages of course. I wouldn't be suprised at all by legacy installations that still had smaller keys. It still takes quite a bit of computational power to crack 768-bit keys. I don't believe even 512-bit keys can be cracked in anything approaching real-time, though they are within easy reach of someone with a bit of spare change, time, and a high-value target. Marking 768-bit keys as completely invalid is a bit excessive IMO. A warning for small keys would be sufficient for most of the few remaining organizations using them to have incentive to update to more secure keys.
The encryption bit depth can impact performance as system load increases. The tradeoff between performance and security can lead to a preference for 1024 bit keys over 2048. If thread affinity to processor cores does not induce a performance penalty then increasing the key strength to 2048 seems most appropriate. Otherwise “throw more hardware at it” becomes the loudest mantra in the organizations that I have developed software for and supported in production.