[cryptography] no-keyring public

Jeffrey Goldberg jeffrey at goldmark.org
Sat Aug 24 14:55:12 EDT 2013


On August 24, 2013 at 1:41:27 PM, Ben Laurie (ben at links.org) wrote:

On 24 August 2013 19:14, Krisztián Pintér <pinterkr at gmail.com> wrote:

> 1. In your system the KDF for creating the seed to PRNG can’t be
> salted.

nope, it can't be.

Can it not? A distributed store for salts seems possible...
OK, “can’t” was too strong of a word. But it appears to me that any mechanism for delivering the salts might as well just deliver the encrypted private key. And such a system would undermine the original intent (as I understand it) of the proposal.

That is, if I understand the original intent it is so that the user doesn’t need to carry their (encrypted) public key with them. All they ever need to know is their password.  If they need to know their password and their salt, then either

(1) that salt gets distributed when they needed it, or

(2) they need to carry the salt with them

In either case, there is no advantage (unless I’ve missed some point) in just distributing/managing the salt over distributing/managing the encrypted private keys.

Cheers,

-j


More information about the cryptography mailing list