
What's a secure way to generate a keypair from a secret password?

Information Security Asked by HappyFace on July 29, 2020

I like to generate a public-private key pair that is seeded from a string. So having the string and the generation algorithm is enough to recreate the keys. I want to do this because I can then combine a password (that I’ll memorize), with a long, secret (randomly generated) text file (that I’ll store securely), and generate a key pair. I’ll then delete the key pair after each usage and regenerate them when needed. Thus, for the keys to be compromised, someone would need both the long text file, and the password in my head. (Or they need to intercept the key in the narrow intervals that it exists.) This seems safer to me than just storing the keys securely, where anyone with physical access to the keys can use them.

PS: I am obviously confident in not forgetting the password.

There is a similar question, but it’s old and doesn’t have a useful answer.

One Answer

You can achieve the same effect by encrypting the keypair with a key derived from your memorized password. So rather than 'generating' a keypair you'll be encrypting a pre-generated one.

Take your long password, and pass it through a key derivation function (e.g. PBKDF2), use the output to encrypt the private key, and then store only the encrypted file.

Hence in order for someone to compromise the pair, they'd need both your password and the encrypted private key file.

Answered by keithRozario on July 29, 2020
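The approach in the answer above, as an added example that is not part of the original answer: a pre-generated key is encrypted under a PBKDF2-derived key and only the encrypted blob is stored. It assumes the third-party `cryptography` package; the Ed25519 key type, AES-256-GCM, the iteration count and the `PWKEY1` file layout are choices made for this example.

```python
import hashlib
import os
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives import serialization as ser
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

MAGIC = b"PWKEY1"            # constructed format tag, not a standard
ITERATIONS = 600_000         # assumed PBKDF2 work factor; tune to your hardware
MAX_ITERATIONS = 10_000_000  # refuse absurd counts from an untrusted file
HEADER_LEN = len(MAGIC) + 4 + 16 + 12  # magic | iterations | salt | nonce

def _derive_key(password: str, salt: bytes, iterations: int) -> bytes:
    """PBKDF2-HMAC-SHA256 -> 32-byte AES-256 key."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=32)

def wrap_private_key(key: Ed25519PrivateKey, password: str, iterations: int = ITERATIONS) -> bytes:
    """Return the encrypted blob that is the only thing written to disk."""
    pem = key.private_bytes(ser.Encoding.PEM, ser.PrivateFormat.PKCS8, ser.NoEncryption())
    salt, nonce = os.urandom(16), os.urandom(12)  # fresh per file
    header = MAGIC + iterations.to_bytes(4, "big") + salt + nonce
    # The header is passed as associated data so it is authenticated too.
    return header + AESGCM(_derive_key(password, salt, iterations)).encrypt(nonce, pem, header)

def unwrap_private_key(blob: bytes, password: str) -> Ed25519PrivateKey:
    """Recover the key; ValueError on wrong password or a modified file."""
    header, body = blob[:HEADER_LEN], blob[HEADER_LEN:]
    if len(header) < HEADER_LEN or not header.startswith(MAGIC):
        raise ValueError("not a wrapped key file")
    iterations = int.from_bytes(header[6:10], "big")
    if not 1 <= iterations <= MAX_ITERATIONS:
        raise ValueError("iteration count out of range")
    salt, nonce = header[10:26], header[26:38]
    try:
        pem = AESGCM(_derive_key(password, salt, iterations)).decrypt(nonce, body, header)
    except InvalidTag:
        raise ValueError("wrong password or corrupted file") from None
    return ser.load_pem_private_key(pem, password=None)

if __name__ == "__main__":
    key = Ed25519PrivateKey.generate()
    blob = wrap_private_key(key, "correct horse battery staple")  # constructed password
    restored = unwrap_private_key(blob, "correct horse battery staple")
    message = b"constructed test message"
    key.public_key().verify(restored.sign(message), message)  # raises if keys differ
    print(f"{len(blob)}-byte encrypted key file round-trips")
```

For a file other tools can read, the same library can write a password-encrypted PKCS#8 PEM by passing `serialization.BestAvailableEncryption(password)` to `private_bytes` instead of `NoEncryption()`.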
