What about a username and password, but in the backend it is the hash or a random algorithm that creates the key pair? Not sure how that works; it doesn't solve the lost key or 'password' problem, though.
One of the biggest reasons this should never happen here is entropy. The "password" has to come after the key generation part. This is now commonly used in Bitcoin key generation -> seed phrases:

https://en.bitcoin.it/wiki/Seed_phrase

I know people want easier key management and recovery, but it should not be possible by conventional means.

I am trying to work on a self-hosted option, but it's not easy when you aren't a security researcher.
Why can't the password be used as entropy in creating the key? Each letter and number represents a value and is used as input into a keygen crypto formula. Wouldn't something like that work? The end number is still large enough to be unique, but the password should be able to always represent the msec. Much like rolling a die: using a random number of '5' will always result in XXXX, etc.

I am no cryptographer, but thoughts?
Me neither, nor an authority, but I found this old Reddit thread that says what I'm thinking, but better. Obviously PBKDF one-way hash functions are all over the place, so it's been done for a while, but some users explain the flaws with some asymmetric algs and deterministic keys with predictable inputs (human inputs). I can't speak to the secp256k1 we use on nostr.

https://www.reddit.com/r/crypto/comments/5yv8i9/is_it_possible_to_use_a_key_derivation_function/

Personally, my thoughts are that, for now, we have far safer ways of generating asymmetric key pairs with computers than deriving them from knowledge. And I think we can make it just as convenient.

My approach with my NVault project: generate keys on a remote server that requires physical access to extract keys outside of the application. The server signs client events on demand over the network. Extensions sign in with conventional means or PKI (I use hardware authentication). I already support custom RNG libraries, and I intend to support off-server signing through hardware devices soon. (I'd like to see a more standardized hardware signing protocol.) I suppose it's essentially a custodial model, but self-hosted.
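As an added illustration of the "password comes after key generation" point and of the predictable-input flaw raised above (example code written for this thread, not from NVault or any poster), the following Python draws a secp256k1-range private key from the OS CSPRNG, wraps it under a password-derived scrypt key so the password only gates access, and bounds how many bits of guess-work a password could ever contribute. The scrypt parameters, the salt/masked-key/tag blob layout and the charset-based entropy bound are assumptions of this example.

```python
import hashlib
import hmac
import math
import secrets
from typing import Optional, Tuple

# secp256k1 group order n (public curve parameter); a valid private key d satisfies 1 <= d < n
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
SALT_LEN, KEY_LEN = 16, 32

def password_entropy_bits(password: str) -> float:
    """Generous upper bound on a password's entropy: length * log2(charset size).
    Human-chosen passwords fall far below it, and far below the 256 bits a key needs."""
    charset = 0
    if any(c.islower() for c in password): charset += 26
    if any(c.isupper() for c in password): charset += 26
    if any(c.isdigit() for c in password): charset += 10
    if any(not c.isalnum() for c in password): charset += 33  # printable ASCII symbols
    return len(password) * math.log2(charset) if charset else 0.0

def generate_private_key() -> bytes:
    """Key material comes from the OS CSPRNG, never from anything a human typed."""
    while True:  # rejection sampling keeps d uniform in [1, n)
        d = int.from_bytes(secrets.token_bytes(KEY_LEN), "big")
        if 1 <= d < SECP256K1_N:
            return d.to_bytes(KEY_LEN, "big")

def _kdf(password: str, salt: bytes) -> Tuple[bytes, bytes]:
    # scrypt stretches the password; first 32 bytes mask the key, the rest authenticate it
    out = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=64)
    return out[:KEY_LEN], out[KEY_LEN:]

def wrap_key(private_key: bytes, password: str) -> bytes:
    """The password gates access to an already-random key. A fresh salt per wrap means the
    scrypt mask is used once, so XOR-masking the key is safe; the HMAC detects tampering."""
    salt = secrets.token_bytes(SALT_LEN)
    mask, mac_key = _kdf(password, salt)
    masked = bytes(a ^ b for a, b in zip(private_key, mask))
    tag = hmac.new(mac_key, salt + masked, hashlib.sha256).digest()
    return salt + masked + tag

def unwrap_key(blob: bytes, password: str) -> Optional[bytes]:
    """Returns the private key, or None if the password is wrong or the blob was altered."""
    salt, masked, tag = blob[:SALT_LEN], blob[SALT_LEN:SALT_LEN + KEY_LEN], blob[SALT_LEN + KEY_LEN:]
    mask, mac_key = _kdf(password, salt)
    expected = hmac.new(mac_key, salt + masked, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return bytes(a ^ b for a, b in zip(masked, mask))

if __name__ == "__main__":
    key = generate_private_key()
    blob = wrap_key(key, "hunter2")
    print(f"password bound: {password_entropy_bits('hunter2'):.1f} bits vs 256-bit key")
    print("unwrap ok:", unwrap_key(blob, "hunter2") == key, "| wrong pw:", unwrap_key(blob, "hunter3"))
```

Losing the password still loses the key unless the random key itself was backed up (a seed phrase does exactly that), which is why the backup has to be of the key, not of the password.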