{"title":"Storing RSA Private Keys In Your Head","authors":"Taisya Krivoruchko, J. Diamond, J. Hooper","doi":"10.1109/PRDC.2006.58","DOIUrl":null,"url":null,"abstract":"An issue when using the RSA public-key system is that for reasonable levels of security, both the public key and the private key must be quite large. Since few people are capable of memorizing a 1024-bit private key, most people must store this number on a computer hard drive or other digital storage device. There are (at least) three problems with this; the first is that if your computer is even temporarily compromised, your private key could be stolen. The second is that if you are away from your computer (and don't have your key on a portable storage device) but need your private key to access some resource, you are unable to do so. The third is that your key could be irrevocably lost because of hardware problems. This paper describes a way of generating a public/private RSA key pair from a passphrase to overcome these problems. Although the paper's focus is on the generation of RSA keys, the process can be applied to any cryptosystem (symmetric or asymmetric) which relies on random data for generating keys","PeriodicalId":314915,"journal":{"name":"2006 12th Pacific Rim International Symposium on Dependable Computing (PRDC'06)","volume":"72 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-12-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 12th Pacific Rim International Symposium on Dependable Computing (PRDC'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PRDC.2006.58","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
An issue when using the RSA public-key system is that for reasonable levels of security, both the public key and the private key must be quite large. Since few people are capable of memorizing a 1024-bit private key, most people must store this number on a computer hard drive or other digital storage device. There are (at least) three problems with this; the first is that if your computer is even temporarily compromised, your private key could be stolen. The second is that if you are away from your computer (and don't have your key on a portable storage device) but need your private key to access some resource, you are unable to do so. The third is that your key could be irrevocably lost because of hardware problems. This paper describes a way of generating a public/private RSA key pair from a passphrase to overcome these problems. Although the paper's focus is on the generation of RSA keys, the process can be applied to any cryptosystem (symmetric or asymmetric) which relies on random data for generating keys