Surprisingly enough there's very little information on the Web about using Bouncy Castle's lightweight API. After looking around for a while I was able to put together a basic example:
import java.math.BigInteger;
import java.security.SecureRandom;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;

RSAKeyPairGenerator generator = new RSAKeyPairGenerator();
generator.init(new RSAKeyGenerationParameters(
    new BigInteger("10001", 16),          // publicExponent (e = 65537)
    SecureRandom.getInstance("SHA1PRNG"), // prng (throws NoSuchAlgorithmException if the name is unknown)
    1024,                                 // strength: modulus size in bits
    80                                    // certainty: confidence that p and q are prime
));
AsymmetricCipherKeyPair keyPair = generator.generateKeyPair();
I have a basic understanding of RSA and the math that happens behind the scenes, so I understand what publicExponent and strength are. I presume publicExponent refers to a coprime of phi(pq), and from what I gather it can be small (like 3) as long as appropriate padding is used. However, I have no idea what certainty refers to (somewhere it was mentioned that it might refer to a percentage, but I want to be sure). The use of SecureRandom is self-explanatory. The documentation of RSAKeyGenerationParameters is completely worthless (no surprise there). My only guess is that it has something to do with the accuracy of the generated keys, but again I want to be sure. So my question is: what are appropriate values for certainty and publicExponent?
P.S. Please don't reply with "it depends on the context - how secure you want the information to be". It's pretty safe to assume highest degree of security (i.e. 4096-bit RSA key or greater) unless otherwise specified... I would also appreciate links to sources that give good example of the use of Bouncy Castle's Lightweight API (I'm not at all interested in the JCA implementation or any examples pertaining to it).
You are using correct values for both.
The publicExponent should be a Fermat number. 0x10001 (F4) is the currently recommended value. 3 (F1) is also known to be safe.
RSA key generation requires prime numbers. However, it's impossible to generate absolutely certain primes. Like any other crypto library, BC uses probable primes. The certainty indicates how certain you want the number to be prime. Anything above 80 will slow down key generation considerably.
Please note that the RSA algorithm still works in the unlikely event that a prime is not a true prime, because BC checks for relative primeness.
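To make the two parameters concrete, here is an added, self-contained example (not code from the question or the answer above) that generates a key pair with the lightweight API using the recommended e = 0x10001 and certainty 80, then pulls p and q back out of the RSAPrivateCrtKeyParameters and re-checks what certainty bought: both factors pass BigInteger's own probable-prime test at the same certainty, their product is the modulus, e is coprime to phi(n), and the private exponent really inverts e modulo p-1 and q-1. It finishes with an OAEP round trip so the key is exercised rather than just inspected. The class and method names, the 2048-bit strength (chosen only to keep the demo fast; the question wants 4096 or more), the choice of SHA-256 OAEP, and the sample message are all assumptions of this example.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;

import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.crypto.encodings.OAEPEncoding;
import org.bouncycastle.crypto.engines.RSAEngine;
import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
import org.bouncycastle.crypto.params.RSAKeyParameters;
import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;

// Hypothetical demo class; names and parameter choices are this example's own.
public class RsaLightweightDemo {

    static final BigInteger ONE = BigInteger.ONE;
    static final BigInteger E = BigInteger.valueOf(0x10001); // F4 = 65537, the recommended exponent
    static final int STRENGTH = 2048;   // modulus bits; assumption for demo speed, use 4096 in practice
    static final int CERTAINTY = 80;    // probable-prime certainty handed to the generator

    static AsymmetricCipherKeyPair generate(SecureRandom rng) {
        RSAKeyPairGenerator gen = new RSAKeyPairGenerator();
        gen.init(new RSAKeyGenerationParameters(E, rng, STRENGTH, CERTAINTY));
        return gen.generateKeyPair();
    }

    // Independent sanity check of the generated key: p and q are probable primes at
    // the requested certainty, n = p*q, gcd(e, phi(n)) = 1, and d inverts e modulo
    // both p-1 and q-1 (true whether d was computed mod phi(n) or mod lcm(p-1, q-1)).
    static boolean checkKeyPair(AsymmetricCipherKeyPair kp) {
        RSAKeyParameters pub = (RSAKeyParameters) kp.getPublic();
        RSAPrivateCrtKeyParameters priv = (RSAPrivateCrtKeyParameters) kp.getPrivate();
        BigInteger p = priv.getP();
        BigInteger q = priv.getQ();
        BigInteger d = priv.getExponent();
        BigInteger pSub1 = p.subtract(ONE);
        BigInteger qSub1 = q.subtract(ONE);
        BigInteger phi = pSub1.multiply(qSub1);
        return p.isProbablePrime(CERTAINTY)
            && q.isProbablePrime(CERTAINTY)
            && p.multiply(q).equals(pub.getModulus())
            && pub.getExponent().equals(E)
            && E.gcd(phi).equals(ONE)
            && E.multiply(d).mod(pSub1).equals(ONE)
            && E.multiply(d).mod(qSub1).equals(ONE)
            && pub.getModulus().bitLength() == STRENGTH;
    }

    // OAEP(SHA-256) over the raw RSAEngine. A small e is only acceptable with
    // randomized padding like this; never use RSAEngine on its own for data.
    static byte[] oaep(boolean encrypt, RSAKeyParameters key, SecureRandom rng, byte[] in)
            throws InvalidCipherTextException {
        OAEPEncoding cipher = new OAEPEncoding(new RSAEngine(), new SHA256Digest());
        cipher.init(encrypt, encrypt ? new ParametersWithRandom(key, rng) : key);
        return cipher.processBlock(in, 0, in.length);
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rng = new SecureRandom(); // platform default; SHA1PRNG as in the question also works
        AsymmetricCipherKeyPair kp = generate(rng);
        System.out.println("key pair sane: " + checkKeyPair(kp));

        byte[] msg = "hello, lightweight API".getBytes(StandardCharsets.UTF_8); // constructed sample input
        byte[] ct = oaep(true, (RSAKeyParameters) kp.getPublic(), rng, msg);
        byte[] pt = oaep(false, (RSAKeyParameters) kp.getPrivate(), rng, ct);
        System.out.println("round trip ok: " + Arrays.equals(msg, pt));
    }
}
```

Compile and run with bcprov on the classpath; both lines should print true. If you want to feel what certainty does, raise it to 256 and watch generation time grow, or lower it to 10 and observe that checkKeyPair still passes because isProbablePrime is re-run at the same (weaker) level; the check only ever confirms the generator's own claim, it does not prove primality.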