
Re: [openpgp] Deriving an OpenPGP secret key from a human readable seed

2019-10-15 11:21:22

Kai Engert <kaie(_at_)kuix(_dot_)de> wrote:
    > The high level idea is:

    > - key generation requires a source of entropy

    > - instead of using the entropy directly, the entropy could be used to
    > seed a CSPRNG (like HMAC_DRBG), which is then used to obtain the random
    > data that is needed for key generation.

PHB's MMM offers a similar mechanism.
Might as well have a single solution.

See draft-hallambaker-mesh-* and 
    https://mailarchive.ietf.org/arch/msg/mathmesh/GF1d5X4F0eqAk6x7T9qQu6khAIw

    > I see the primary purpose for this recovery mechanism as disaster
    > recovery: - ensure the recovered primary key can be used to decrypt an
    > archive of old data, like the encrypted emails in a sent folder - allow
    > the use of the recovered primary key to create a revocation statement

A secondary use is for keys that are generally kept offline.
Instead of bringing them back from the "cold storage", the key is just
regenerated each time from a printed piece of paper.   My original PGPv3
root(_at_)sandelman(_dot_)ca went through five kinds of media (5.25" floppy, 
3.5" floppy, CDROM, DVD, USB key...)... 

-- 
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr(_at_)sandelman(_dot_)ca  http://www.sandelman.ca/        |   ruby on rails    [
        

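The quoted idea of seeding a CSPRNG such as HMAC_DRBG and drawing the key-generation randomness from it, sketched as an added example that is not part of the original message or of any draft it mentions. Assumptions: SHA-256 as the hash, the seed bytes standing in for the DRBG's entropy input and nonce, a dash-grouped hex encoding for the printed seed, and the hypothetical names `decode_seed`, `key_material` and the `label` parameter.

```python
import hashlib
import hmac


class HmacDrbg:
    """HMAC_DRBG (NIST SP 800-90A) with SHA-256; no reseed, no additional input."""

    def __init__(self, seed: bytes, personalization: bytes = b""):
        if len(seed) < 32:
            raise ValueError("seed must carry at least 256 bits")
        self.key = b"\x00" * 32
        self.val = b"\x01" * 32
        self._update(seed + personalization)

    def _mac(self, data: bytes) -> bytes:
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def _update(self, data: bytes = b"") -> None:
        self.key = self._mac(self.val + b"\x00" + data)
        self.val = self._mac(self.val)
        if data:  # second round only when seed material is provided
            self.key = self._mac(self.val + b"\x01" + data)
            self.val = self._mac(self.val)

    def generate(self, n: int) -> bytes:
        out = b""
        while len(out) < n:
            self.val = self._mac(self.val)
            out += self.val
        self._update()  # state advances after every request
        return out[:n]


def decode_seed(text: str) -> bytes:
    """Hypothetical printable encoding: hex digits in dash-separated groups."""
    return bytes.fromhex(text.replace("-", "").replace(" ", ""))


def key_material(seed_text: str, label: bytes, n: int = 32) -> bytes:
    """Re-create the byte stream a key generator would consume from this seed."""
    return HmacDrbg(decode_seed(seed_text), personalization=label).generate(n)


# Constructed sample seed (256 bits), not a real key seed.
SAMPLE_SEED = "0f1e2d3c-4b5a6978-8796a5b4-c3d2e1f0-00112233-44556677-8899aabb-ccddeeff"

if __name__ == "__main__":
    print(key_material(SAMPLE_SEED, b"primary").hex())
```

Regenerating the same key from paper only works if the key generator requests bytes from the DRBG in exactly the same sizes and order every time, because the state advances after each `generate` call.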