encryption used by JCEKS keyStore in JavaTM Cryptography Extension..?

Question

In JCEKS key Store which algorithm used and what is the size of key .
i find something that its use Triple DES

but what is the key size..?

Thank's

Answer 1

Currently, each PrivateKey and SecretKey entry in a JCEKS key store is encrypted with 3-key triple DES in CBC mode with PKCS #5 padding. This has an effective cryptographic strength of 112 bits, although the key is 168 bits plus 24 parity bits for a total of 192 bits.

This key (and the initialization vector) is derived from a password using a proprietary MD5-based algorithm. Normally, deriving the initialization vector from the key would defeat the purpose, but each entry also has a unique salt for key derivation. This means that the derived key and initialization vector are unique to to each entry.

You can study the use of the cipher and the cipher itself in the source code.

Answer 2

JCEKS is another Proprietary keystore format, available from the "SunJCE" provider in the JCE (Java Cryptography Extension).

If you're not using the JCE, then you would use JKS keystore. If, however, you have installed the JCE and you are using JCE functionality, then your best bet is the JCEKS keystore. This keystore provides much stronger protection for stored private keys by using Triple DES encryption.