Score:2

Good asymmetric algorithm for Java keytool as of 2021


While I expect to get flak for the term "best", some algorithms are widely considered better than others for essentially all purposes. For example, DES is no longer considered secure.

My particular problem is that I want to use keytool to generate a Java keystore, containing an asymmetric key, and don't know what algorithm to use. There's a list here: https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#Cipher, but it doesn't give recommendations - and contains the aforementioned DES, so they're not all equally good.

On top of that, I tried a few for which I got "KeyPairGenerator not available".

The command I have for key generation is:

keytool -genkey -keyalg RSA -alias server -keystore selfsigned.jks -validity 1000 -keysize 2048

This may be fine, but I don't actually know one way or the other.

kelalaka: It is not clear what you want! Do you want symmetric (link) or asymmetric (tag)? On the link, the AES with a 256-bit key is the obvious choice.
dave_thompson_085: The only asymmetric _Cipher_ supported by keystore, and keytool, in Java is RSA (at least until PQC, and probably even then); there are several _Signature_ algorithms and I'll tell you the 'best' one after you tell us the best color clothing for people to wear (all people, everywhere and always, for all purposes), since there are known ugly colors and thus by your logic there must be exactly one best one.
Score:2

DES is a symmetric cipher. Generally the Java key store is only used / usable for asymmetric key pairs, and to be even more precise, asymmetric key pairs with the accompanying certificate for it to become useful. Yes, RSA is still considered a good algorithm, although I would recommend a 3072 bit key pair for 128 bit security.

Note that RSA is not quantum secure, so don't use it for long term (say over 10 year) security. Beware that by default Java only uses a pretty bad method to derive the key from a password and then 3DES to protect the key store itself, even if PKCS#12 key stores are used. So make sure you protect the file itself and choose a strong password (i.e. one generated using a password generator, e.g. one of a password database).

knaccc: Btw if you want to use PBEWithHmacSHA512AndAES_256 instead of the default 3DES to protect keys stored in a PKCS#12 keystore, they must be added programmatically rather than using keytool on the command line. See https://stackoverflow.com/a/47389384
dave_thompson_085: keystore API requires a cert for asymmetric as you say, and keytool generates a selfsigned cert, and the only asymmetric algorithm (currently) capable of both direct encryption and signature is RSA; several signature-only algorithms are also supported. @knaccc: that's out of date; as of 8u301 (if you specify storetype, pkcs12 is not default for 8) 11.0.12 and 16 up, the default for pkcs12 is indeed HmacSHA512-AES256; see the release notes. (And because this uses PBES2 it can't be read due to a bug in older 8 and below, and 9 and 10 but they're 'dead'.)
knaccc: @dave_thompson_085 Thanks, that's great! The java.security file is very interesting. Looks like the default in my JDK is keystore.pkcs12.keyProtectionAlgorithm = PBEWithHmacSHA256AndAES_256 with keystore.pkcs12.keyPbeIterationCount = 10000
Maarten Bodewes: Yes, but 10000 is rather little, and note that PKCS#12 actually requires multiple runs of this algorithm, last time I looked at it anyway. Probably best to increase to a million or over if you don't use a generated password.
kelalaka: I have an iteration count of 383233 on LUKS, and with 4 cores they can test at most 11 passwords per second with PBKDF2-SHA1.
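The answer and the comments above make two practical points: the keytool command in the question produces a valid RSA entry, but the password-based protection of that entry is weak by default, and a stronger scheme with a high iteration count has to be set through the KeyStore API. The following is an added example (not code from the thread, the SO answer linked above, or the JDK documentation) that reads the entry written by that keytool command and re-stores it in a new PKCS#12 file protected with PBEWithHmacSHA512AndAES_256 and one million iterations. The file names, the alias "server", the fallback password "changeit" and the iteration count are assumptions; it uses only standard JDK classes.

```java
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.crypto.spec.PBEParameterSpec;

/**
 * Re-protects the private-key entry of a keytool-generated keystore with
 * PBEWithHmacSHA512AndAES_256 and a high PBKDF2 iteration count.
 * Paths, alias, fallback password and iteration count are assumptions.
 */
public class ReprotectKeyEntry {

    // Hypothetical defaults; the alias matches the keytool command in the question.
    static final String IN_PATH = "selfsigned.jks";
    static final String OUT_PATH = "selfsigned-strong.p12";
    static final String ALIAS = "server";
    static final String KEY_PBE = "PBEWithHmacSHA512AndAES_256";
    static final int ITERATIONS = 1_000_000;

    /** Copies one private-key entry into a fresh PKCS#12 store with stronger key protection. */
    static void reprotect(String inPath, String outPath, String alias, char[] password)
            throws Exception {
        // The default store type reads JKS files on Java 8 and, via the
        // PKCS12/JKS compatibility mode, on Java 9 and later as well.
        KeyStore in = KeyStore.getInstance(KeyStore.getDefaultType());
        try (FileInputStream fis = new FileInputStream(inPath)) {
            in.load(fis, password);
        }
        KeyStore.Entry entry = in.getEntry(alias, new KeyStore.PasswordProtection(password));
        if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
            throw new IllegalStateException("no private-key entry under alias " + alias);
        }

        // Fresh random salt; the iteration count is what slows offline password guessing.
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        KeyStore.ProtectionParameter strong = new KeyStore.PasswordProtection(
                password, KEY_PBE, new PBEParameterSpec(salt, ITERATIONS));

        KeyStore out = KeyStore.getInstance("PKCS12");
        out.load(null, null);                // start an empty PKCS#12 store
        out.setEntry(alias, entry, strong);  // the entry carries the key and its self-signed cert
        try (FileOutputStream fos = new FileOutputStream(outPath)) {
            out.store(fos, password);
        }
    }

    /** Reloads the new store and confirms the key and its certificate are still readable. */
    static boolean verify(String path, String alias, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (FileInputStream fis = new FileInputStream(path)) {
            ks.load(fis, password);
        }
        return ks.getKey(alias, password) != null && ks.getCertificate(alias) != null;
    }

    public static void main(String[] args) throws Exception {
        // Usage: java ReprotectKeyEntry <keystore-password>
        char[] password = (args.length > 0 ? args[0] : "changeit").toCharArray();
        reprotect(IN_PATH, OUT_PATH, ALIAS, password);
        System.out.println(verify(OUT_PATH, ALIAS, password) ? "re-protected OK" : "FAILED");
    }
}
```

The per-entry protection set here is independent of the store-wide defaults that the comments above locate in java.security (keystore.pkcs12.keyProtectionAlgorithm and keystore.pkcs12.keyPbeIterationCount); those defaults still govern entries you do not protect explicitly. As noted in the thread, a PBES2-protected store of this form can only be opened by Java releases that include the fix mentioned there, and a reader pays the full iteration count on every load, which is the intended cost.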