Bitcoin Forum
March 06, 2015, 03:54:33 AM *
News: Latest stable version of Bitcoin Core: 0.10.0 [Torrent] (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Secret keys could be memorizable  (Read 1237 times)
bcearl
Full Member
***
Offline Offline

Activity: 154



View Profile

Ignore
July 01, 2011, 08:23:10 AM
 #1

CAUTION: Don't understand this as a tutorial. You should not use any of this ideas for important key generation! This may affect security in the very core, because the security of ECDSA is based on the assumption that each possible key is as likely as any other!

This thread is meant as an idea for a techie and crypto-geek discussion.



Why generate random ECDSA private keys and encrypt them with AES then using weaker passwords?



In principle it should be possible to use the password directly as private key. How?

You have the eliptic curve, and the generator element A. You chose a password p and calculate q = (pA). p is not easy to calculate from q (discrete logarithm on eliptic curves), that's the basis of the whole ECDSA system.



New weaknisses:
- you can brute force private keys (e.g. via dictionary attacks) now and test whether they imply the known public key

Possible advantages:
- brute forcing private keys may be harder than brute forcing AES (or other) file encryption



What do you think? I got this idea a few minutes ago, there may be flaws I just didn't see yet.

Misspelling protects against dictionary attacks NOT
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!