Christian Screen

Fixing the ‘1.2.840.113549.1.5.3 not available’ PKCS encryption Issue


Modern systems increasingly rely on private/public key pairs to connect applications or users securely. This includes systems such as GitHub and Snowflake, and general protocols like SSH.

In general you can use terminal-based software on local machines, such as SSH, to connect with the private/public key pair. Programmatically, just about all major languages can perform encryption and decryption given the pair. One well-known API/library for this is Bouncy Castle (https://www.bouncycastle.org/about.html).

Whether using Bouncy Castle or another library, you may encounter an error message when attempting to decrypt a key that is password encrypted:

unable to read encrypted data: 1.2.840.113549.1.5.3 not available: requires PBE parameters

A similar error could also be thrown, such as:

Unknown PBE type 1.2.840.113549.1.5.3

We see that the set of numbers 1.2.840.113549.1.5.3, an object identifier (OID), technically represents an algorithm. But that algorithm, used when creating an OpenSSL key, was deprecated/removed several years ago. That algorithm seems to have been found to be insecure. I believe OpenSSL keeps this default version around for backwards compatibility, but if one is not encrypting their key then technically it doesn’t matter.

So what's the solution?

In order to comply with modern security standards, when creating your encrypted private key with openssl pkcs8 you should use the -v2 flag. This allows you to use the v2.0 PKCS#8 (PKCS#5) algorithms, such as des3.

Thoughts on Snowflake Public/Private Key Pair Authorization

Since Snowflake continues to update their documentation, one should always read the latest version. If we take a peek at their user key pair authentication documentation, we see that they not only recommend the -v2 flag but also use the des3 algorithm when generating an encrypted private key.

openssl genrsa 2048 | openssl pkcs8 -topk8 -v2 des3 -inform PEM -out rsa_key.p8
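
To find out which scheme an existing encrypted key uses before a library rejects it, the following added example (not code from the original post or from any project named here) reads the encryption-scheme OID out of the PKCS#8 header using only the Python standard library. The function names, the SCHEMES table and the sample key are constructed for illustration; the second OID, 1.2.840.113549.1.5.13 (PBES2), is not on the page and comes from PKCS#5 v2.0.

```python
import base64
import re

SCHEMES = {"1.2.840.113549.1.5.3": "legacy PBES1 pbeWithMD5AndDES-CBC: re-encrypt with -v2",
           "1.2.840.113549.1.5.13": "PBES2 (PKCS#5 v2.0)"}

def _tlv(buf, pos=0):
    """Read one DER element at pos and return (tag, content bytes)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length]

def _dotted(content):
    """Decode the content bytes of a DER OBJECT IDENTIFIER to dotted form."""
    arcs, val = [], 0
    for b in content:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear marks the last byte of an arc
            arcs.append(val)
            val = 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def pbe_oid(pem):
    """Return the encryption-scheme OID of an 'ENCRYPTED PRIVATE KEY' PEM."""
    m = re.search(r"-----BEGIN ENCRYPTED PRIVATE KEY-----(.+?)-----END", pem, re.S)
    if not m:
        raise ValueError("not an encrypted PKCS#8 PEM block")
    t1, outer = _tlv(base64.b64decode("".join(m.group(1).split())))
    t2, alg = _tlv(outer)  # encryptionAlgorithm AlgorithmIdentifier
    t3, oid = _tlv(alg)    # algorithm OBJECT IDENTIFIER
    if (t1, t2, t3) != (0x30, 0x30, 0x06):
        raise ValueError("unexpected DER structure")
    return _dotted(oid)

def sample_pem(last_arc):  # constructed sample: dummy salt, parameters and ciphertext
    oid = bytes.fromhex("06092a864886f70d0105") + bytes([last_arc])
    alg = oid + bytes.fromhex("300e0408") + bytes(8) + bytes.fromhex("02020800")
    body = b"\x30" + bytes([len(alg)]) + alg + b"\x04\x08" + bytes(8)
    der = b"\x30" + bytes([len(body)]) + body
    b64 = base64.encodebytes(der).decode()
    return f"-----BEGIN ENCRYPTED PRIVATE KEY-----\n{b64}-----END ENCRYPTED PRIVATE KEY-----\n"

if __name__ == "__main__":
    for arc in (3, 13):  # constructed keys: one legacy, one PBES2
        print(SCHEMES.get(pbe_oid(sample_pem(arc)), "other scheme"))
```

Passing the text of a real key file such as rsa_key.p8 to pbe_oid works the same way, since only the unencrypted header is read and no password is needed.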
