 |
July 01, 2011, 08:23:10 AM
Last edit: July 01, 2011, 09:33:41 AM by bcearl |
|
CAUTION: Don't understand this as a tutorial. You should not use any of this ideas for important key generation! This may affect security in the very core, because the security of ECDSA is based on the assumption that each possible key is as likely as any other!
This thread is meant as an idea for a techie and crypto-geek discussion.
Why generate random ECDSA private keys and encrypt them with AES then using weaker passwords?
In principle it should be possible to use the password directly as private key. How?
You have the eliptic curve, and the generator element A. You chose a password p and calculate q = (pA). p is not easy to calculate from q (discrete logarithm on eliptic curves), that's the basis of the whole ECDSA system.
New weaknisses:
- you can brute force private keys (e.g. via dictionary attacks) now and test whether they imply the known public key
Possible advantages:
- brute forcing private keys may be harder than brute forcing AES (or other) file encryption
What do you think? I got this idea a few minutes ago, there may be flaws I just didn't see yet.
|
