Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
G
G
grabbee2019-07-04 18:00:21
JSON Web Token
grabbee, 2019-07-04 18:00:21

Is it scary to use 1024 RSA key?

I haven’t figured out if this is the problem yet, but it seems that generating a signature for JWT via RSA 4096 takes a lot more processor than when there was a signature via MD5 - is that so? Maybe try 1024 keys to reduce the CPU load during JWT signature generation (short lived 5 to 15 minutes in this case)?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
R
Ronald McDonald, 2019-07-04
@grabbee

Yes, hosspade, use 1024, you are not encrypting launch codes for nuclear warheads.
In addition, 5-15 minutes is nothing, a moment.

Report
M
Maxim Moseychuk, 2019-07-04
@fshp

RSA is an encryption algorithm and MD5 is a hash algorithm. They are not interchangeable. You can't sign with MD5 alone.

Similar questions
S
SerGio13132017-02-01 18:30:45
How to use JWT with Retrofit? 1Reply
V
vosyukov2017-02-07 18:59:54
How to correctly check if a user is logged in to passport-jwt? 0Reply
H
havemanyquestions2019-07-10 18:50:52
How to implement simultaneous access to the API of the user and the mobile application? 1Reply
V
Vladislav Prikhodko2017-03-04 00:59:08
Is jwt+API authorization properly implemented? 1Reply
D
Dmitry .2021-03-08 06:42:38
What is the best way to authorize users through JWT? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question