# Public and Private Key Pairs

Information about the best-practice recommendations about key generation, storage and code examples for use of public and private keys with Integra's blockchain.

## Key Generation Overview

There are many different encryption algorithms but the best-practices recommendation is RSA. RSA is an asymmetric encryption algorithm. With a given key pair, data that is encrypted with one key can only be decrypted by the other. There are several different lengths that can be used, including 1024-bit, 2048-bit, and 4096-bit keys. In addition, the use of PKCS #1 will be seen when generating the keys. This standard defines the mathematical definitions and properties that RSA public and private keys must have. Below is an example of an RSA 1024-bit public key.

```
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCOtK3nW1bKNOYgjNcWrUZ/zPJ4
I4TiffWSqC15ylUI0X6SMFpzmM26AR8dxo/BhL3Zza4ztZMCVtpUU8CBxf1TTDTd
YtrnG3Jmdl/B+OF2cP3HXFdhBD2yJxs4O1meTEo1NHdeYWeypupslGrznuwhnIK9
mIRY7zEUxSONnApH5QIDAQAB
-----END PUBLIC KEY-----
```

Below is the corresponding private key.

```
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQCOtK3nW1bKNOYgjNcWrUZ/zPJ4I4TiffWSqC15ylUI0X6SMFpz
mM26AR8dxo/BhL3Zza4ztZMCVtpUU8CBxf1TTDTdYtrnG3Jmdl/B+OF2cP3HXFdh
BD2yJxs4O1meTEo1NHdeYWeypupslGrznuwhnIK9mIRY7zEUxSONnApH5QIDAQAB
AoGAWVrw+UjME1kEL6WAmIZu+l8OBAPZlShhuC7uKrByhk8G/eqg+HjZeHpzTWWj
Zf0EE3kiduZe4rwXgW3fwGKEt8qYr/352+TCunxBnNeEpoEn+XJD1c1tFhDOCDjD
+77VmMZ7XsCY1Oq+5EadLKW26yl8e0riZCvDKzjkYXlxFwECQQDtj/WWpFH4Jmb2
Gbpu8DmqQ27XpTm0J2FC6fuLYcQMiNHrNgR40hHJYGNSpU/0hKIbvkXvosPQEIDI
XlEzq7SRAkEAmcgMkBaUjC+UmxK+JJiW2Q2sxeRVxM10UFdPXDjnVQhVaVHjR2Lc
9N9CV3KfevhS6ICQRJtRm8AJ3keN64j4FQJAcM1NsRUfcvRRKYR3+RuKViWk6TKk
Xr3gOhS+g6WNoOIKw2Qn5XLiTTu+jcy/VXzxOLk1nh8sWYysiff3GNDscQJBAI1M
7Y4v0UqGJavfqusBcgn6sLgcuFpe1fNEZl08xAKz55cgcQ+U3aX6xoCHh9Z7+eI8
z1LazD+qUub1JIg5kIkCQQDtTFoPGesmqARU5XOiosjLL2vfleGHi+VFmiD9HYN8
s8MzqYmysSN0DBl2I6LizsLOAdja8OMeJgTi5SA+ULhX
-----END RSA PRIVATE KEY-----
```

Do Not Share Private Key with anyone

The private key should be treated like a social security number or credit card number. If others get access to the private key they will be able to do anything with it that you were able to do, including registering the hashes of documents.

The private key needs to be stored securely, either on an enterprise key storage or in a secure folder storage system, such as a removable thumb drive.

## Key Generation

In order to use the Integra blockchain, a public key must be registered with the Identity that was generated in the first section of this guide. In almost any programming language, the crypto library/package will be needed in order to generate these keys. Below is an example of generating these keys in Node.

```
const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', {
modulusLength: 4096,
});
const pubkeyString = publicKey.export({ type: 'pkcs1', format: 'pem' });
const privkeyString = privateKey.export({ type: 'pkcs1', format: 'pem' });
```

The next section, Registering Identity and Key on Blockchain, in this guide will show how to correctly register the identity and key on the Integra blockchain so it will be registered correctly according to specifications.

Updated about 2 years ago