Questions about particular use cases (integrity verification w/o private key, add E flag to primary key, import secp256k1 key)
Mario Castelán Castro
marioxcc.MT at yandex.com
Fri Sep 1 02:06:04 CEST 2017
On 31/08/17 17:49, s7r wrote:
>> You can use hash(private_key_1) to seed a cryptographically secure
>> pseudo-random number generator (E.g.: AES in CTR mode with the seed as
>> the key), and then use that random stream to generate (private_key_2,
>> pubic_key_2.
>>
>> This is a method applicable in general. The algorithms of private_key_1
>> and private_key_2 need not be the same, nor do they need to be defied
>> over the same curve.
>>
>> The only problem is that I do not know of a program to do they key
>> generation from a user-provided seed.
>
> This will do for my use case.
>
>> Please stop talking about "secp256k1 keys". You do not have secp256k1
>> keys. You have ExDSA or ECDH keys which are not interchangeable with
>> each other.
>
> I think I asked in a wrong way. I do not necessarily need for both the
> primary key and the secondary key (key with Encryption capability) to be
> the same secp256k1 curve / ExDSA key / ECDH key, etc. -- all I need is
> for them to be reproductible at any time, any where, based on some seed,
> or sha256 hash of a user-generated password, etc. It's irrelevant if
> they are totally different keys that work in different ways, the only
> feature needed is to be able to reproduce them from scratch any time,
> and be able to decrypt the data.
You can use the same scheme that I described. The only difference is
that you use a hash (say, SHA-256) of the seed provided by the user as
the seed of the CSPRNG, instead of the hash of a private key (as I
originally described)
The only thing that is still missing is software that implements
deterministic generation of DSA and DH keys over secp256k1 given a seed.
You can either find one already written, write it yourself, or pay
somebody to write it for you (possibly as a modification of GNU PG).
Note that you will need to know the seed *and* the method of generation
so that you can re-generate the key in the future if it becomes
necessary. You can store the program used for the key generation in a
place where it will remain available in the future, for example, in the
same place where you store your backups, or print the source code. The
generation program needs not be kept secret. Only the seed needs to be
kept secret.
> Mario, check this out:
>
> https://github.com/Jaxx-io/openpgpjs-secp256k1/blob/master/README_secp256k1.md
>
> Generate keypair from bitcoin key:
> var openpgp = require('openpgp');
> var bs58check = require('bs58check');
>
> [...]
I can not comment on this library. I have never used it nor do I plan to
use it.
--
Do not eat animals; respect them as you respect people.
https://duckduckgo.com/?q=how+to+(become+OR+eat)+vegan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170831/8779472f/attachment.sig>
More information about the Gnupg-users
mailing list