Is there a simple and deterministic way to generate an RSA key pair (private and public) based on a user's master password?

Imagine an encrypted messenger application. Here the user wants to log in on different devices using his password, and always have the same private and public key for sending and receiving messages. So the keys should be only dependent on the password.

Boris
  • maybe here http://stackoverflow.com/questions/1307204/how-to-generate-unique-public-and-private-key-via-rsa – br1 Jul 19 '13 at 11:39
  • side note: what happens if the user changes their password? – Duncan Jones Jul 19 '13 at 11:56
  • You probably don't want to do that, since you will transform random/pseudo random key's material into a pure deterministic one. However why not simply authenticate the user on the server side (Since you are going to have one right?) and after that send him the key over a secure channel? – dna Jul 19 '13 at 11:58
  • I think the user's password could be seen as a "random" value. Also you're suggesting to store the user's private key in the cloud. I would rather have it stay purely local on the user's computers... – Boris Jul 19 '13 at 12:06
  • Users' passwords are not random - assuming you are not generating one for them. Moreover such an approach would basically bring a brute force attack (RSA 2048; min/maj/num; max n chars) from 2^2048 to 62^n possibilities. Plus if two users have the same password, both will have the same key so they could decrypt each other's messages - assuming they have access to the messages. Why not simply rely on https? Do you want to store the messages in an encrypted way? You can also use a passphrase just as many applications out there, but you will still have to distribute the key to the user somehow. – dna Jul 19 '13 at 14:04
  • The idea was that no unencrypted data leaves the device, so that even the server does not have knowledge of the data being sent. – Boris Jul 19 '13 at 14:21

0 Answers