I\'m developing application in Java that has to store RSA keys in software for f

Question

I'm developing application in Java that has to store RSA keys in software for foreseeable future (that is, at least 10 years).

The two most common standards of storing private keys are PKCS12 and JKS (Java Key Store). While PKCS12 supports many different algorithms, even the most secure ones are based on 3DES with SHA1. JKS is even worse as the default is based on MD5 and 3DES.

The Bouncy Castle Java library version of JKS is a bit better as it uses PBEWithSHAAndTwofish-CBC for "UBER" version of its key store format.

Are there any standard formats of private key storage that support encrypting the key pair using AES and SHA-2?

Explanation / Answer

RFC 5958 and RFC5959 seems to be the latest standard for storing encrypted private keys. It obsoletes RFC 5208, also known as PKCS#8. My understanding is that AES is one of the many encryption algorithms supported by RFC 5958.

The GNU Keyring File Format is a another standard for a file format that stores private keys using AES-128.

The Gnome Keyring implementation stores private keys using (among other things) AES-128 encryption. Alas, it doesn't seem to follow any published standard, but perhaps it can be seen as a de-facto standard. The Gnome Keyring FAQ briefly mentions that sometime in the future (after 2010) it will transition to "a standard way of encrypting the keyring" (PBKDF2) which apparently requires "A new file format" (perhaps one of the above formats?).

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.