1998-10-27 - Using a password as a private key.
Header Data
From: RedRook <redrook@yahoo.com>
To: cypherpunks@toad.com
Message Hash: 80aae86deb5acdf900a84a144dcf7f25d9d8ec9107c7a6590d0a39c946a2ec77
Message ID: <19981027215307.3786.rocketmail@send1d.yahoomail.com>
Reply To: N/A
UTC Datetime: 1998-10-27 22:58:58 UTC
Raw Date: Wed, 28 Oct 1998 06:58:58 +0800
Raw message
From: RedRook <redrook@yahoo.com>
Date: Wed, 28 Oct 1998 06:58:58 +0800
To: cypherpunks@toad.com
Subject: Using a password as a private key.
Message-ID: <19981027215307.3786.rocketmail@send1d.yahoomail.com>
MIME-Version: 1.0
Content-Type: text/plain
‚‚‚‚Assymetic crypto systems such as
Diffie-Hellman, El-Gamel, and DSS, allow the private key to be a
randomly chosen number. ‚But, as a cute hack, instead of using a
random number, for the private key, you could use a hash of the User
Name, and a password.
Doing so allows the users to generate their private key on demand.
They don't have to store the private key, and if they want to work on
a another computer, they don't need to bring along a copy.‚
Has any one tried this? Is there existing software that does this? Any
comments on the security of such a scheme? ‚
The only draw back that I can think of is the potential lack of
randomness in the key. If the user chooses a bad password, it would be
possible to brute force the public key.‚
Harv.‚‚RedRook@yahoo.com‚‚‚‚‚‚‚‚
_________________________________________________________
DO YOU YAHOO!?
Get your free @yahoo.com address at http://mail.yahoo.com
Thread
- Return to October 1998
Return to November 1998
- Return to “Adam Back <aba@dcs.ex.ac.uk>”
- Return to “Bill Stewart <bill.stewart@pobox.com>”
- Return to “mgraffam@idsi.net”
- Return to “Petro <petro@playboy.com>”
- Return to “RedRook <redrook@yahoo.com>”
Return to “ulf@fitug.de (Ulf =?iso-8859-1?Q?M=F6ller?=)”
- 1998-10-27 (Wed, 28 Oct 1998 06:58:58 +0800) - Using a password as a private key. - RedRook <redrook@yahoo.com>
- 1998-10-29 (Thu, 29 Oct 1998 08:02:38 +0800) - Re: Using a password as a private key. - ulf@fitug.de (Ulf =?iso-8859-1?Q?M=F6ller?=)
- 1998-10-29 (Thu, 29 Oct 1998 09:21:07 +0800) - Re: Using a password as a private key. - mgraffam@idsi.net
- 1998-10-29 (Thu, 29 Oct 1998 17:06:06 +0800) - Re: Using a password as a private key. - Bill Stewart <bill.stewart@pobox.com>
- 1998-10-30 (Fri, 30 Oct 1998 17:21:50 +0800) - don’t use passwords as private keys (was Re: Using a password as a private key.) - Adam Back <aba@dcs.ex.ac.uk>
- 1998-11-03 (Wed, 4 Nov 1998 04:52:57 +0800) - Re: don’t use passwords as private keys (was Re: Using a passwordas a private key.) - Petro <petro@playboy.com>
- 1998-11-03 (Wed, 4 Nov 1998 07:24:32 +0800) - Re: don’t use passwords as private keys (was Re: Using a passwordas a private key.) - Adam Back <aba@dcs.ex.ac.uk>
- 1998-10-29 (Thu, 29 Oct 1998 08:02:38 +0800) - Re: Using a password as a private key. - ulf@fitug.de (Ulf =?iso-8859-1?Q?M=F6ller?=)