Default strength of RSA encryption

Discussion in 'Java' started by DamonChong, Jan 24, 2006.

  1. DamonChong

    DamonChong Guest

    Hi,

    I have two questions relating to the keytool program bundled in the
    standard SUN JDK v1.5.x. I am using this keytool program to generate a
    server certificate with the RSA algorithm for my Tomcat engine. My
    questions are firstly, does anyone know what is its default encryption
    strength if we never specify the keysize? Secondly, I am not in the USA
    but the JDK is downloaded from SUN, is its crypto strength limited by
    export restriction on encryption software in the United States? In
    another word, if I specify -keysize 1024, will keytool truly respect
    this option?

    Thank you very much.

    Regards,
    Damon
    DamonChong, Jan 24, 2006
    #1
    1. Advertising

  2. DamonChong

    Mike Amling Guest

    DamonChong wrote:
    > Hi,
    >
    > I have two questions relating to the keytool program bundled in the
    > standard SUN JDK v1.5.x. I am using this keytool program to generate a
    > server certificate with the RSA algorithm for my Tomcat engine. My
    > questions are firstly, does anyone know what is its default encryption
    > strength if we never specify the keysize? Secondly, I am not in the USA
    > but the JDK is downloaded from SUN, is its crypto strength limited by
    > export restriction on encryption software in the United States? In
    > another word, if I specify -keysize 1024, will keytool truly respect
    > this option?


    I suggest using the experimental method. Generate a default-length
    keypair, and a keypair with -keysize 1024, and look at the length of the
    generated moduli.

    --Mike Amling
    Mike Amling, Jan 24, 2006
    #2
    1. Advertising

  3. DamonChong

    Roedy Green Guest

    On Tue, 24 Jan 2006 18:06:08 GMT, Mike Amling <>
    wrote, quoted or indirectly quoted someone who said :

    > I suggest using the experimental method. Generate a default-length
    >keypair, and a keypair with -keysize 1024, and look at the length of the
    >generated moduli.


    keytool.exe does not tell you what it is ,but you can out with keyman.

    See http://mindprod.com/jgloss/keyman.html

    my cert is 1024 bits. I don't recall ever doing anything special to
    request extended strength. I live in Canada so Sun may have given it
    to me automatically.

    The law is silly. It does not stop anyone from using extra strength
    encryption, it just ensures American companies won't provide it,
    giving the business to foreign competitors. It is an anti-business
    law, most peculiar.

    It also hurts domestic sales of American encryption products. Why buy
    something from a US company than works only in the USA where you can
    buy from competitor a product that works anywhere?

    --
    Canadian Mind Products, Roedy Green.
    http://mindprod.com Java custom programming, consulting and coaching.
    Roedy Green, Jan 24, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. gg
    Replies:
    0
    Views:
    2,704
  2. Scott Hamlin

    RSA Encryption error

    Scott Hamlin, Dec 3, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    684
    Scott Hamlin
    Dec 3, 2004
  3. DougJrs

    RSA encryption

    DougJrs, Apr 1, 2007, in forum: Java
    Replies:
    1
    Views:
    379
    rossum
    Apr 1, 2007
  4. Evren Esat Ozkan
    Replies:
    3
    Views:
    724
    Paul Rubin
    Jul 17, 2008
  5. Max2006
    Replies:
    3
    Views:
    398
    Max2006
    Oct 31, 2008
Loading...

Share This Page