Does this reference address my goals?
http://www.rsasecurity.com/rsalabs/node.asp?id=2127
This faq also has this quote:
http://www.mindspring.com/~schlafly/crypto/faq.htm
"How do I convert a password into a key?
You can just use the password directly, but it is usually better to run it thru a hash function or a key derivation function (KDF). A popular choice is PBKDF2 in PKCS#5. See: http://www.rsasecurity.com/rsalabs/pkcs/"
Thanks for any help...and your patience with this potential faq.
-Matt
At 6/7/2005 10:57 PM, Matt England wrote:
Hello,
I'm trying to build an application/system that will always generate the same RSA public-private key pair given the same "seed" data into the OpenSSL-public-private-key-pair generation process.
Essentially, I want to be able to regenerate a private key simply by using a user's login name and password (in some combination) as the "seed" input into a key-generation process. This way, a private key never has to be stored in my system, and the user can access security data simply by knowing only their login name and password.
Is this feasible within OpenSSL? Does this question make sense?
I suspect there's one of 2 things going on:
1) This is a common request within secure systems (to, among other things, avoid private key storage) and that there is some flavor of OpenSSL (or maybe some other software) to support this capability.
2) The design is such to specifically deny this capability, and the same seed into any key-generation process will always produce a different key pair.
3) The process is indeterminate; the key cannot always be guaranteed to be the same.
I'm hoping for #1 instead of #2 or #3...or anything else.
Thanks for any help,
-Matt
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]