I'm working on a software which deals with lots (several millions) of RSA private keys. Keysize is 2048, I'm going to store them in database in PEM format.
I want keys to be encrypted to mitigate risks of hostile access to database. Naturally, applying passphrase with PKCS#8 comes to mind.
However, I'm not sure it is safe to apply same passphrase to millions of private keys. If someone gets the database, will it be possible for them to decrypt keys, knowing the fact that same passphrase where used?
If PKCS #8 is not safe in this scenario, what better options I have, given fact that I can use same passphrase (or limited number of them) to encrypt data?