[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Using a password as a private key.

To: [email protected]
Subject: Using a password as a private key.
From: RedRook <[email protected]>
Date: Tue, 27 Oct 1998 13:53:07 -0800 (PST)
Sender: [email protected]


&#130;&#130;&#130;&#130;Assymetic crypto systems such as
Diffie-Hellman, El-Gamel, and DSS, allow the private key to be a
randomly chosen number. &#130;But, as a cute hack, instead of using a
random number, for the private key, you could use a hash of the User
Name, and a password. 

Doing�so�allows�the�users�to�generate their private key on demand.
They don't have to store the private key, and if they want to work on
a�another computer, they don't need to�bring�along a copy.&#130;
Has any one tried this? Is there existing software that does this? Any
comments on the security of such a scheme? &#130;
The only draw back that I can think of is the potential lack of
randomness in the key. If the user chooses a bad password, it would be
possible to brute force the public key.&#130;
Harv.&#130;&#130;[email protected]&#130;&#130;&#130;&#130;&#130;&#130;&#130;&#130;
_________________________________________________________
DO YOU YAHOO!?
Get your free @yahoo.com address at http://mail.yahoo.com

Follow-Ups:
- Re: Using a password as a private key.
  - From: [email protected] (Ulf M�ller)
- Re: Using a password as a private key.
  - From: Bill Stewart <[email protected]>

Prev by Date: Re: dbts: Cryptographic Dog Stocks, The Dirigible Biplane, and Sending the Wizards Back to Menlo Park
Next by Date: Re: No Subject
Prev by thread: Re: dbts: Cryptographic Dog Stocks, The Dirigible Biplane, and Sending the Wizards Back to Menlo Park
Next by thread: Re: Using a password as a private key.
Index(es):
- Date
- Thread