Taking a different slant, is it possible to provide the "Entropy" using a pass phrase. So a given pass phrase will always generate the same key pair. This means that for simple applications no key store is required. Much like password based (symmetric) encryption.
Any ideas as to how hard that would be to do with Open SSL? Has anyone else done it? Anthony 2012/2/17 Richard Könning <richard.koenn...@ts.fujitsu.com> > Am 16.02.2012 12:17, schrieb Jakob Bohm: > > >> 2. Creating primes starts with high quality random numbers, >> such that there are a gigantic number of possible primes. >> If done correctly (like in current OpenSSL versions), the >> chance of choosing the same prime as somebody else is >> extremely low (again, I hope someone else on this list can >> come up with the numbers for general enlightenment). >> > > Well, seeding the PRNG correctly seems not to be a trivial task, > see e.g. > http://eprint.iacr.org/2012/**064.pdf<http://eprint.iacr.org/2012/064.pdf>and > https://freedom-to-tinker.com/**blog/nadiah/new-research-** > theres-no-need-panic-over-**factorable-keys-just-mind-**your-ps-and-qs<https://freedom-to-tinker.com/blog/nadiah/new-research-theres-no-need-panic-over-factorable-keys-just-mind-your-ps-and-qs> > . > Ciao, > Richard > > ______________________________**______________________________**__________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > -- Dr Anthony Berglas, anth...@berglas.org Mobile: +61 4 4838 8874 Just because it is possible to push twigs along the ground with ones nose does not necessarily mean that that is the best way to collect firewood.
