Private keys are stored by default in a PKCS-8 encrypted format, protected by a password.
The default algorithm is "pbeWithSHAAnd3-KeyTripleDES-CBC" from PKCS-5.
The approximate ranking of the encryption schemes, in increasing order of security, is:
1. "pbeWithMD2AndDES-CBC"
2. "pbeWithMD5AndDES-CBC"
3. "pbeWithSHA1AndDES-CBC"
4. "pbeWithSHAAnd3-KeyTripleDES-CBC" (default)
5. "pkcs5PBES2" + "des-EDE3-CBC"
6. "pkcs5PBES2" + "AES128-CBC"
7. "pkcs5PBES2" + "AES192-CBC"
8. "pkcs5PBES2" + "AES256-CBC"
The less-secure algorithms pbeWithxxxAndDES-CBC using single DES are provided just in case you need compatibility with
an older system. Do not use them unless you have to.
The PBES2 scheme uses the PKCS-5 PBKDF2 key derivation function with
hmacWithSHA1 as the default pseudo-random function (PRF). To use a stronger message digest function
from the SHA-2 family in the PRF, add one of the following options:
hmacWithSHA224
hmacWithSHA256
hmacWithSHA384
hmacWithSHA512
So, for example, to specify using PBES2 with AES256-CBC-Pad as the block cipher and HMAC-with-SHA256 as the PRF, use
    Dim nOptions As Long
    ' PBES2 scheme, AES-256-CBC as the block cipher, HMAC-SHA-256 as the PBKDF2 PRF
    nOptions = PKI_PBE_PBES2 + PKI_BC_AES256 + PKI_HASH_SHA256
Remember that the security of all these schemes is limited by the strength of the password used. Also, other systems may not necessarily support all the alternatives provided here.
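As an added example (not part of the original documentation or of the library it describes), the following Python decodes the encryptionAlgorithm field of a PKCS-8 EncryptedPrivateKeyInfo and reports which of the schemes listed above, and which PBKDF2 PRF, a key file actually uses, so you can check what another system handed you before relying on it. The two DER test vectors are constructed for the example; a real field would be taken from the PKCS-8 file.

```python
# Added example (not from the original documentation or its library): decode the encryptionAlgorithm
# field of a PKCS#8 EncryptedPrivateKeyInfo and report the scheme, the PBKDF2 PRF and the page's rank.
SCHEMES = {"1.2.840.113549.1.5.1": "pbeWithMD2AndDES-CBC", "1.2.840.113549.1.5.3": "pbeWithMD5AndDES-CBC",
           "1.2.840.113549.1.5.10": "pbeWithSHA1AndDES-CBC", "1.2.840.113549.1.12.1.3": "pbeWithSHAAnd3-KeyTripleDES-CBC"}
PBES2, PBKDF2 = "1.2.840.113549.1.5.13", "1.2.840.113549.1.5.12"
PRFS = {"1.2.840.113549.2.%d" % (7 + i): "hmacWithSHA" + s for i, s in enumerate(("1", "224", "256", "384", "512"))}
CIPHERS = {"1.2.840.113549.3.7": "des-EDE3-CBC", "2.16.840.1.101.3.4.1.2": "AES128-CBC",
           "2.16.840.1.101.3.4.1.22": "AES192-CBC", "2.16.840.1.101.3.4.1.42": "AES256-CBC"}
RANKING = list(SCHEMES.values()) + ["pkcs5PBES2 + " + c for c in CIPHERS.values()]  # page order, weakest first

# Constructed test vectors, not real keys: encryptionAlgorithm only (salt 0x11 x 8, 2048 iterations, IV 0x22 x 16)
ALG_3DES = bytes.fromhex("301c 060a 2a864886f70d010c0103"  # pbeWithSHAAnd3-KeyTripleDES-CBC (the default)
                         "300e 0408 1111111111111111 0202 0800")  # PBE params: salt, iterationCount
ALG_PBES2 = bytes.fromhex(
    "3057 0609 2a864886f70d01050d 304a"                             # pkcs5PBES2, PBES2-params
    "3029 0609 2a864886f70d01050c 301c"                             # keyDerivationFunc: PBKDF2, PBKDF2-params
    "0408 1111111111111111 0202 0800 300c 0608 2a864886f70d0209 0500"  # salt, iterationCount, prf: hmacWithSHA256
    "301d 0609 60864801650304012a 0410 22222222222222222222222222222222")  # encryptionScheme: AES256-CBC, IV

def der_items(buf):  # decode consecutive DER TLVs into [(tag, value), ...]
    items, pos = [], 0
    while pos < len(buf):
        tag, n, pos = buf[pos], buf[pos + 1], pos + 2
        if n & 0x80:  # long-form length: the low 7 bits give the number of length bytes that follow
            n, pos = int.from_bytes(buf[pos:pos + (n & 0x7F)], "big"), pos + (n & 0x7F)
        items.append((tag, buf[pos:pos + n]))
        pos += n
    return items

def oid_str(val):  # DER OBJECT IDENTIFIER content octets -> dotted-decimal string
    arcs, cur = [val[0] // 40, val[0] % 40], 0
    for b in val[1:]:  # base-128 digits, high bit set on all but the last byte of each arc
        cur = (cur << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, cur = arcs + [cur], 0
    return ".".join(map(str, arcs))

def describe(alg_id):
    """Return (scheme name as listed on the page, PRF name or None, rank with 0 weakest)."""
    (_, alg_oid), (_, params) = der_items(der_items(alg_id)[0][1])[:2]
    alg = oid_str(alg_oid)
    if alg != PBES2:  # single-DES or 3DES PBE: the OID alone names the whole scheme
        return SCHEMES[alg], None, RANKING.index(SCHEMES[alg])
    kdf, enc = der_items(params)  # PBES2-params: keyDerivationFunc, encryptionScheme
    kdf_params = der_items(kdf[1])[1][1]  # PBKDF2-params: salt, iterationCount, [keyLength], [prf]
    prf, tail = "hmacWithSHA1", der_items(kdf_params)[-1]  # PBKDF2 default PRF when prf is omitted
    if tail[0] == 0x30:  # the optional trailing AlgorithmIdentifier carries the PRF
        prf = PRFS[oid_str(der_items(tail[1])[0][1])]
    name = "pkcs5PBES2 + " + CIPHERS[oid_str(der_items(enc[1])[0][1])]
    return name, prf, RANKING.index(name)
```

describe(ALG_PBES2) returns ("pkcs5PBES2 + AES256-CBC", "hmacWithSHA256", 7), while the default 3DES vector ranks 3 and reports no PRF because the scheme has none.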