Is it safe to shorten the RSA key to 64 bytes?

Question

im trying to encrypt Realm DB. Key should be 64 bytes long. Minimum api level of my application is 21, so I can generate only RSA key, which minimum length is 512 bytes, relying on an android sdk solution. Is it safe to shorten the RSA key to 64 bytes?

KeyStoreHelper.createKeys(application, "REALM_KEY")

RealmConfiguration.Builder()
    .name("MyDatabaseName")
    .encryptionKey(KeyStoreHelper.getSigningKey("REALM_KEY")!!.take(64).toByteArray())
    .schemaVersion(2)
    .deleteRealmIfMigrationNeeded()
    .build()
    .run(Realm::setDefaultConfiguration)

score 0 · Answer 1 · answered May 24 '20 at 15:31

came across this answer on /security.stackexchange.com

TL:DR

Traditionally, the "length" of a RSA key is the length, in bits, of the modulus. When a RSA key is said to have length "2048", it really means that the modulus value lies between 22047 and 22048. Since the public and private key of a given pair share the same modulus, they also have, by definition, the same "length".A 2048-bit modulus can theoretically fit over exactly 256 bytes (since 256*8 = 2048) but you need more bytes to encode the other values.

Is it safe to shorten the RSA key to 64 bytes?

1 Answers1