从密码生成密钥对 [英] Generate a keypair from a password

问题描述

我想使用基于密码的私钥进行非对称加密.要求是提供的安全级别必须与(1)使用基于密码的对称加密，(2)以常规"方式使用非对称加密相同.

I would like to use asymmetric encryption based with a private key based on a password. The requirement is the security level provided must be the same of (1) using password-based symmetric encryption, (2) using asymmetric encryption in a "regular" way.

我将不得不在Java中使用它，但答案可能是通用的.

I will have to use it in Java, but the answer can be generic.

我知道我可以生成密钥对并使用基于密码的对称密钥对privateKey进行加密，但是，这样，我将需要服务器(或其他存储设备)来存储此加密密钥.我想避免这种情况.如果可以从密码生成密钥对，则不需要.

I am aware that I can generate a keypair and encrypt the privateKey with a password-based symmetric key, however, in this way I will need a server (or other storage) to store this encrypted key. I would like to avoid that. If I could generate a keypair from a password, it is not needed.

有什么建议吗?

推荐答案

如果仅基于密码建立私钥，则其强度将与密码一样强，即，只要能猜出密码的人都可以获得私钥.

If you base the private key solely on a password, it will only be as strong as the password, i.e. whoever can guess the password can get the private key.

这相当于生成私钥/公钥对，使用对称密码对私钥进行加密，然后将它们一起发布.

This is comparable to generating a private/public key pair, encrypting the private key with a symmetric cipher and then publishing both together.

这当然会使整个系统变得脆弱，因为您不再需要拥有秘密令牌-您只需要知道密码.

This of course makes the whole system weaker, since you no longer need to have the secret token - you only need to know the password.

这篇关于从密码生成密钥对的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！