Topic: RSA Key Generation from a Pass Phrase

I want to generate a public/private key pair from a string.  For example "My secret pass phrase goes here" would be entered by a user and I would somehow generate the public and private RSA keys from that.

In looking at the documentation it appears that the only way to do that would be indirectly:  by somehow hashing the pass phrase down to a long integer that could then be used as "e" in "int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng);".

Does that make sense?  Is there some other technique that I could use?

And given that my resulting hash will probably not be a prime number, does that make any difference?

Share

Re: RSA Key Generation from a Pass Phrase

Hi gawiz,

Can you share what your end goal is?  We may be able to suggest an approach based on that?

Thanks,
Chris

Re: RSA Key Generation from a Pass Phrase

Yes, the use case is that a user will activate the app by providing a pass phrase (in addition to getting a user name and password).  The pass phrase is a longer string comprised of at least 4 words and 30 characters: "My mother used to make me eat grits".  This serves two purposes:  1) it's used to authenticate the user when the password needs to be changed and 2) it is used to generate the public/private key pair for the RSA encryption.  Without having the pass phrase a user would not be able to regenerate their keys.

The pass phrase itself is not saved on the client or the server.

Share

Re: RSA Key Generation from a Pass Phrase

What I'm thinking is that I'll hash the pass phrase and manipulate the resulting string to make the keys...

BTW, I'm working with Rod Weaver from Wolf and will probably initiate a support thread with him later today.

Share