[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using a password as a private key.




>‚‚‚‚Assymetic crypto systems such as
>Diffie-Hellman, El-Gamel, and DSS, allow the private key to be a
>randomly chosen number. ‚But, as a cute hack, instead of using a
>random number, for the private key, you could use a hash of the User
>Name, and a password. 

That has been proposed in the context of elliptic curve cryptography
where the keys don't need much entropy. I think George Barwood's
pegwit works that way.

I don't like the idea though. You're giving everybody the chance to
run a password guessing attack on your secret key.