[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Using a password as a private key.
‚‚‚‚Assymetic crypto systems such as
Diffie-Hellman, El-Gamel, and DSS, allow the private key to be a
randomly chosen number. ‚But, as a cute hack, instead of using a
random number, for the private key, you could use a hash of the User
Name, and a password.
Doing so allows the users to generate their private key on demand.
They don't have to store the private key, and if they want to work on
a another computer, they don't need to bring along a copy.‚
Has any one tried this? Is there existing software that does this? Any
comments on the security of such a scheme? ‚
The only draw back that I can think of is the potential lack of
randomness in the key. If the user chooses a bad password, it would be
possible to brute force the public key.‚
DO YOU YAHOO!?
Get your free @yahoo.com address at http://mail.yahoo.com