tags:

views:

267

answers:

2
+1  Q: 

Trying to understand Java RSA key size

The key generator was initilized with a size of 1024, so why the printed sizes are 635 and 162?

import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

public class TEST {

    public static KeyPair generateKeyPair() throws NoSuchAlgorithmException, NoSuchProviderException {
    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
    keyPairGenerator.initialize(1024);
    return keyPairGenerator.generateKeyPair();
    }

    public static void main(String[] args) throws Exception {

    KeyPair keyPair = generateKeyPair();
    RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
    RSAPublicKey publicKey = (RSAPublicKey) keyPair.getPublic();

    System.out.println("Size = " + privateKey.getEncoded().length);
    System.out.println("Size = " + publicKey.getEncoded().length);

    }

}
+1  A: 

First hint: 1024 bits = 128 bytes

Second hint: privateKey.getEncoded() returns an encoded representation (i.e. not raw).

leonbloy  2010-05-27 13:41:59
thanks for hint 2, so how do I get the raw?
Tom Brito  2010-05-27 15:35:41
The "key size" means different things for different coders, and is not trivially related to the key. In the case of RSA it's the size of the modulus. (You should use getModulus() ) See ZZ Coder's answer.
leonbloy  2010-05-27 15:41:17
there's something wrong, the getModulus return a number of 309 digits. If this means the size is 309, its still not what a had setted (1024).
Tom Brito  2010-05-27 15:44:39
digits are not bits
leonbloy  2010-05-27 15:47:09
third hint : 1024 * Log10(2) = 308.25 => 1024 bits ~ 309 decimal digits
leonbloy  2010-05-27 16:00:08
why Log10(2)?..
Tom Brito  2010-05-27 18:39:20
leonbloy  2010-05-27 19:34:35
+4  A: 

RSA keys are made of Modulus and Exponent. The key size refers to the bits in modulus. So even without any encoding overhead, you will need more than 128 bytes to store 1024-bit keys.

getEncoded() returns ASN.1 DER encoded objects. The private key even contains CRT parameters so it's very large.

To get key size, do something like this,

   System.out.println("Key size = " + publicKey.getModulus().bitLength());

Here are the relevant ASN.1 objects,

  RSAPrivateKey ::= SEQUENCE {
      version           Version,
      modulus           INTEGER,  -- n
      publicExponent    INTEGER,  -- e
      privateExponent   INTEGER,  -- d
      prime1            INTEGER,  -- p
      prime2            INTEGER,  -- q
      exponent1         INTEGER,  -- d mod (p-1)
      exponent2         INTEGER,  -- d mod (q-1)
      coefficient       INTEGER,  -- (inverse of q) mod p
      otherPrimeInfos   OtherPrimeInfos OPTIONAL
  }


  RSAPublicKey ::= SEQUENCE {
      modulus           INTEGER,  -- n
      publicExponent    INTEGER   -- e
  }
ZZ Coder  2010-05-27 14:44:39
so, how do I check its size in the example code?
Tom Brito  2010-05-27 15:36:19
See my edits ......
ZZ Coder  2010-05-27 16:17:50

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java