What is the maximum length of private and public RSA keys?
What is the maximum length of private and public RSA keys?
In theory, there is no limit. In practice, there is a limit. Also, limits are usually imposed on the modulus size (n = p*q), and not the public or private key per se. You may be facing additional limits from your web server or database.
For OpenSSL and RSA, your RSA keys are limited to 16K at generation. There's also a limit imposed by OpenSSL's s_client
utility used during key exchange. The limit during key exchange is 2K, and it seems artificially low to me. You can side-step the s_client
limit by avoiding key transport schemes used during key agreement (i.e., use DH or EDH instead of RSA).
If you start hitting the limits, then it usually indicates its time to switch to elliptic curves. 16K RSA and 521-bit EC provides about 512-bits of security.
Also see Openssl software failure for RSA 16K modulus on the OpenSSL users mailing list.
Here are some factoids on RSA key generation time using the Crypto++ library from small (256-bit) to large (60K-bit). I believe the numbers were gathered about 5 years ago on a Core2 Duo machine. OpenSSL should have asymptotically similar running times.
cryptopp$ rsa_kgen.exe 61440
Elapsed time for 61140 RSA key: 25654.01s (7 hours, 7 minutes, 34 seconds)
cryptopp$ rsa_kgen.exe 30720
Elapsed time for 30720 RSA key: 2255.30s (37 minutes, 35 seconds)
cryptopp$ rsa_kgen.exe 15360
Elapsed time for 15360 RSA key: 285.05s (4 minutes, 45 seconds)
cryptopp$ rsa_kgen.exe 11776
Elapsed time for 11776 RSA key: 142.52s (2 minutes, 22 seconds)
cryptopp$ rsa_kgen.exe 8192
Elapsed time for 8192 RSA key: 43.08s (43 seconds)
cryptopp$ rsa_kgen.exe 4096
Elapsed time for 4096 RSA key: 0.70s
cryptopp$ rsa_kgen.exe 2048
Elapsed time for 2048 RSA key: 0.09s
cryptopp$ rsa_kgen.exe 1024
Elapsed time for 1024 RSA key: 0.01s
cryptopp$ rsa_kgen.exe 512
Elapsed time for 512 RSA key: 0.00s
cryptopp$ rsa_kgen.exe 256
Elapsed time for 256 RSA key: 0.00s
Yahya Uddin
CTO & Leader Developer of The Dealer App, with a Computer Science degree from University of Warwick (UK).
Updated on June 14, 2022Comments
-
Yahya Uddin almost 2 years
I am generating private and public keys using OpenSSL in PHP, which I intend to store in a database (although you probably don't need to know PHP to answer this question).
They look like this:
-----BEGIN ENCRYPTED PRIVATE KEY----- MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIi4rlLSKA9/8CAggA ... -----END ENCRYPTED PRIVATE KEY-----
and
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8YvAFZHSGNITeDNdXFbc ... -----END PUBLIC KEY-----
(and yes those are just examples)
They have been created like so:
$resource = openssl_pkey_new([ 'private_key_bits' => '2048', "private_key_type" => OPENSSL_KEYTYPE_RSA, ]); openssl_pkey_export($resource, $privateKey, $passPhrase) === false $opensslDetails = openssl_pkey_get_details($resource); $publicKey = $opensslDetails['key'];
I want to know what the maximum length is for these private and public keys.
From my experimentation, I have found that:
- 1704 characters for private keys
- 1834 characters for private keys with passphrase
- 451 characters for public keys
However I haven't found any formal documentation on this to prove that this is the case, so I can't be sure.
-
Yahya Uddin over 7 yearsWow that's a detailed answer. So what in your opinion is a good upperbound in my database, as I obviously need an upperbound.
-
jww over 7 years@YahyaUddin - You use a key that has a security level to meet your needs. If the database cannot store it because its too large, then you increase the field size or switch databases to ensure your security requirements are met. Also see Are there any limits on length of string in mysql?, String field length in Postgres SQL? and How SQLite on Android handles long strings? Maybe you should provide the name of the database engine and your schema.
-
Yahya Uddin over 7 yearsI'm using MySql. I wanted to define a upper bound on the string length.
-
jww over 7 years@YahyaUddin - just guessing (and it may waste some space), but use
3*sizeof(n)*EncodingFactor+3*80
for a public key, and9*sizeof(n)*EncodingFactor+3*80
for a private key. Thec*sizeof(n)
is for the two fields of a public key or eight fields of a private key.EncodingFactor
tries to compensate for ASN.1 -> ASCII Encoding expansion (like Hex, Base32 or Base64). The3*80
attempts to account for the pre- and post-encapsulation headers. You may need to bump that to5*80
for fields like the DEK-Info. -
Yahya Uddin over 7 yearsWhat is
n
andencodingFactor
in my case. I know my key size is 2048. I just need to know how many characters I need to specify in MySQL.