[ale] semi OT: encryption

David Tomaschik david at systemoverlord.com
Tue Jul 8 15:19:30 EDT 2014 

If he's using Curve25519, it's actually super-trivial to take any 256-bit
value and modify it to a curve point (http://cr.yp.to/ecdh.html#use).  So
you could, for example, SHA256(passphrase), then make it into the private
key point, multiple by the base point to get the public key.  This is a
pretty repeatable process for key generation.  Of course, I'd also hope
there's some hardening beyond a plain SHA256, but it doesn't seem you could
do anything involving salting, since you need to regenerate the same key
each time.  (Or, I suppose, put the salt into the public key, and make sure
the user gets their own public key first when regenerating?)


On Mon, Jul 7, 2014 at 2:21 PM, Jim Kinney <jim.kinney at gmail.com> wrote:

> generating the same private and public keys on the fly during every login
> is both pretty cool and yet a bit unnerving. Hopefully the eliptic curve
> algorithms are the ones that have been patched from the weakend versions
> the NSA tampered with.
>
>
> On Mon, Jul 7, 2014 at 4:47 PM, Boris Borisov <bugyatl at gmail.com> wrote:
>
> > http://www.wired.com/2014/07/minilock-simple-encryption/
> >
> > --
> > Sent from Gmail Mobile
> > -------------- next part --------------
> > An HTML attachment was scrubbed...
> > URL: <
> >
> http://mail.ale.org/pipermail/ale/attachments/20140707/75de961c/attachment.html
> > >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://mail.ale.org/mailman/listinfo/ale
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> >
>
>
>
> --
> --
> James P. Kinney III
>
> Every time you stop a school, you will have to build a jail. What you gain
> at one end you lose at the other. It's like feeding a dog on his own tail.
> It won't fatten the dog.
> - Speech 11/23/1900 Mark Twain
>
>
> *http://heretothereideas.blogspot.com/
> <http://heretothereideas.blogspot.com/>*
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> http://mail.ale.org/pipermail/ale/attachments/20140707/8b0da882/attachment.html
> >
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>



-- 
David Tomaschik
OpenPGP: 0x5DEA789B
http://systemoverlord.com
david at systemoverlord.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20140708/25d1e0de/attachment.html>

More information about the Ale mailing list