All geek questions in one place

Generate a key pair based on a string

I need to create a private \ public key based on a string. (This line is the unique identifier of a specific machine generated at run time. The public key will be shared so that all users can send data to this computer.)

As far as I know, RSACryptoServiceProvider automatically generates a key pair. I need to generate the same pair every time I send the same line.

Any idea how to implement this in C #?

(added) I am not interested in creating a certificate and storing it locally, in this case it is not suitable (because if you create certification in two different os settings on the computer, the key keys will be different. I need the identifier of a specific machine and keypair Now I can generate an identifier, but I don’t know yet how to create a key database on it).

I would like to use RSA, however any asymmetric algorithm would be suitable.

+4
source share
2 answers

You can try the following:
Use Rfc2898DeriveBytes to get two bit strings. Interpret each part as one BigInteger and find the next stroke after it. These are your p, q, from which you can build your e, d, n, used for RSA.
But this is probably a bad idea, as I just came up with it, and it is not based on established cryptography.

I would prefer to create a private key on a regular computer and save it. I think windows even offer a special way to store keys.

+4
source

There is no practical way to do this. Theoretically, you could hack the RSA and RNG implementations of OpenSSL and make sure that the only entropy that the RSA keygenerator gets is your string. Thus, the keygen process would spit out one and only one RSA key on the input line, no matter how many times you run it. However, your string will most likely not have enough entropy to make the generated key cryptographically useful. If this is not enough for you, there is also the problem that this process is highly dependent on the internal components of the RSA keygen process, which can change between versions of OpenSSL, which can lead to the creation of another key based on the same input.

Why can't you create an RSA key pair and encrypt the private key with your string (using a symmetric algorithm) and then save the encrypted data block locally? Thus, instead of generating a key every time your application starts, it can decrypt the previously saved one if the string (machine fingerprint?) Does not change.

+2
source

Source: https://habr.com/ru/post/1333349/

More articles:


All Articles