0

While I am a front-end developer and not a security expert programmer, I am worry about the keys I am using for my AES && RSA encryption. Please help me to understand:

  1. Is the following keys are secure ?
  2. Is the following keys are performant and fast ?
  3. I don't have any IV, is it good still without it ?
  4. If IV is good and wont affect the performance then How can I add it ?

RSA KEY

KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(1024);
KeyPair pair =keyGen.generateKeyPair();
PrivateKey privateKey = pair.getPrivate();
PublicKey publicKey = pair.getPublic();

AES KEY

SecureRandom random = new SecureRandom();
byte [] key = new byte [16];
random.nextBytes(key);
SecretKeySpec secretKey = new SecretKeySpec(key, "AES");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
Muhammad
  • 101
  • 3

1 Answers1

2

The RSA keys generated by the (Java) code in the question are 1024-bit, thus are not considered secure (even though there has not yet been any successful attack of a 1024-bit RSA key where that size was the only issue, see this). Security authorities no longer recommend anything below 2048-bit, and none that I know condones 2048-bit after 2030. Other common sizes (likely to remain safe sizably longer / against more powerful adversaries) are 3072 and 4096-bit.

The AES keys generated are 128-bit (since it consists of 16 random bytes and each byte is 8-bit), thus are appropriately sized to resist current attacks. There's consensus to consider them at least as secure as RSA-2048 when generated and used correctly. Other standard sizes are 192 and 256-bit, and give increased insurance, including against hypothetical Quantum Computers usable for cryptanalysis (which may or may not become reality before a global disaster makes earth unsuitable for human life).

It's impossible (and off-topic) to tell from the (Java) code linked if the key generators used are good or not. In particular, that depends heavily on the cryptoprovider used, which is tasked to allow use of a Smart Card or HSM. Even if the default Java cryptoprovider is used, it's quality depends on the particular JVM (including it's version), and the OS.

Practical security is also limited by many other factors. Among the most important are how the keys are stored or/and transmitted, and integrity of the platform the code runs on.

are these keys efficient?

For RSA: Yes, when it comes to use of the public key (encryption or signature verification), this is near best in class; no when it comes to use of the private key (decryption or signature generation). Other asymmetric algorithms are slower for public key, but considerably faster for private key. Yet beware that RSA is often more available. RSA is thus preferred when portability is paramount, or/and when public key operations dominate, e.g. signature of executable. ECC-based algorithms like EdDSA are preferable when available and there's an about even mix of public and private key usage.

For AES: Yes. AES-128 is typically one of the fastest symmetric-key algorithm available on a given platform.

I don't have any IV, is it good still without it ?

That's not answerable, for that depends on what good applies to. The key is still good. Using the key without IV can be anything from a disaster (e.g. for multiple AES-CTR encryption) to just fine (authentication).

If IV is good and wont affect the performance then how can I add it ?

An AES IV can be generated just like a 128-bit AES key.

fgrieu
  • 140,762
  • 12
  • 307
  • 587
  • Could you please suggest me for android systems and ios any better key ? Also please let me know how do we know the key size whether it is 128, 192 or 256 – Muhammad Nov 21 '20 at 15:43
  • See updated answer for how the key size in bit is deduced from the size of key. See the doc of random.nextBytes and SecureRandom for more (off-topic). Anything about Android or iOS is off-topic (less so at security-SE, or SO, or a system-specific forum. Read their help first!). And it's heavily dependent on version, programming language and development strategy. Plus on key management that depends on hardware targeted, and what's to be done. Sorry, a note won't do. – fgrieu Nov 21 '20 at 15:53
  • 1
    @fgrieu no mention of the mode of operations? And the transmit of the AES key like RSA-KEM? – kelalaka Nov 21 '20 at 20:26