gcry_pk_genkey with given random seed

Joachim Breitner mail@joachim-breitner.de
08 Jun 2003 14:47:20 +0200



On Sun, 2003-06-08 at 14:30, Moritz Schulte wrote:
> > for some weird idea I have I basically need to create a RSA keypair
> > from a given random seed (a MPI), and it should always output the
> > same keypair for the same seed. Ideally in a well-documented way in
> > case someone else needs to reimplement it.
> Hmm.  Of course it is `theoretically' possible, since this problem can
> be narrowed down to the question `How many changes are needed to make
> this easy?'. :)
> libgcrypt manages a `pool' of random data.  If this pool is empty, a
> `random gathering' function is called, which then adds more random
> data to the pool.  For a situation like yours it might indeed make
> sense to offer the possibility to the user to control the content of
> this pool.
> An interface would be needed, which can be used to install a
> user-provided random gathering function.  This way the task of
> providing random bytes would be yours.
> Does this idea make sense and is it worth implementing it?

I don't know if this pool control is really what I need, since it should
result in the same key pair for the same data (which is not really random,
but data that should be used instead of the random data), and that even
across library versions or implementations. Therefore I guess it should
be integrated directly into the key generating function like this:

type a, b;  // the two large primes needed for the key
if (given_seed) {
	a = data_to_prime(first_half_of(given_seed));
	b = data_to_prime(second_half_of(given_seed));
} else {
	a = prime_from_pool();
	b = prime_from_pool();
}

And the way data_to_prime (and the rest of the key generations) works
needs to be the same in every version, well documented and
reimplementable by others.

Joachim Breitner
  e-Mail: mail@joachim-breitner.de | Homepage: http://www.joachim-breitner.
  JID: joachimbreitner@amessage.de | GPG-Keyid: 4743206C | ICQ#: 74513189
  Geekcode: GCS/IT/S d-- s++:- a--- C++ UL+++ P+++ !E W+++ N-- !W O? M?>+ V
            PS++ PE PGP++ t? 5? X- R+ tv- b++ DI+ D+ G e+>* h! z?
Please do not send me Word or PowerPoint attachments.
See http://www.fsf.org/philosophy/no-word-attachments.de.html

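The sketch in the mail above, carried out as a complete, runnable added example. This is not libgcrypt code and not the author's implementation; it only follows the idea of the `if (given_seed)` branch. The helpers `expand()`, `data_to_prime()` and `rsa_from_seed()` are hypothetical: the seed is split into two halves, each half is stretched with SHA-256 in counter mode into an odd integer of the requested size, and the counter is incremented until the candidate passes a Miller-Rabin test whose witnesses are themselves derived from the candidate. Every step is fixed, so the same seed always yields the same key pair and the procedure can be reimplemented from this description alone. The prime size is deliberately small so the demo runs in well under a second.

```python
"""Deterministic RSA key generation from a caller-supplied seed.

Added example for the gcrypt-devel sketch above; NOT libgcrypt code.
expand(), data_to_prime() and rsa_from_seed() are hypothetical helpers.
"""
import hashlib
from math import gcd

# Deliberately small so the demo is fast; real keys need >= 1024-bit primes.
DEMO_PRIME_BITS = 256


def expand(seed_half: bytes, nbits: int, counter: int) -> int:
    """Stretch seed_half into an odd nbits-bit integer (SHA-256 counter mode; assumed construction)."""
    out = b""
    block = 0
    while len(out) * 8 < nbits:
        out += hashlib.sha256(seed_half + counter.to_bytes(4, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    x = int.from_bytes(out, "big") >> (len(out) * 8 - nbits)
    x |= (1 << (nbits - 1)) | (1 << (nbits - 2))  # top two bits set, so p*q has exactly 2*nbits bits
    return x | 1  # force odd


def is_probable_prime(n: int, rounds: int = 40) -> bool:
    """Miller-Rabin with witnesses derived from n, so the verdict is reproducible across implementations."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    nbytes = n.to_bytes((n.bit_length() + 7) // 8, "big")
    for i in range(rounds):
        h = hashlib.sha256(b"witness" + nbytes + i.to_bytes(4, "big")).digest()
        a = 2 + int.from_bytes(h, "big") % (n - 3)  # witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def data_to_prime(seed_half: bytes, nbits: int, start: int = 0):
    """Return (prime, counter) for the first counter >= start whose expansion is prime."""
    counter = start
    while True:
        candidate = expand(seed_half, nbits, counter)
        if is_probable_prime(candidate):
            return candidate, counter
        counter += 1


def rsa_from_seed(seed: bytes, prime_bits: int = DEMO_PRIME_BITS, e: int = 65537):
    """Derive (n, e, d, p, q) deterministically from seed, mirroring the mail's if (given_seed) branch.

    e is assumed prime (65537 is), so gcd(e, (p-1)(q-1)) == 1 iff e divides neither p-1 nor q-1.
    Failing candidates are skipped by advancing the counter, which keeps the result deterministic.
    """
    if len(seed) < 32:
        raise ValueError("seed too short: it is the only entropy the key has")
    half = len(seed) // 2
    p, pc = data_to_prime(seed[:half], prime_bits)
    while (p - 1) % e == 0:
        p, pc = data_to_prime(seed[:half], prime_bits, pc + 1)
    q, qc = data_to_prime(seed[half:], prime_bits)
    while q == p or (q - 1) % e == 0:
        q, qc = data_to_prime(seed[half:], prime_bits, qc + 1)
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1
    d = pow(e, -1, phi)  # modular inverse, Python 3.8+
    return p * q, e, d, p, q


if __name__ == "__main__":
    # Constructed demo seed; a real seed must be secret and as long as the intended security level.
    seed = bytes(range(64))
    n, e, d, p, q = rsa_from_seed(seed)
    print(f"n has {n.bit_length()} bits; same seed gives same n: {rsa_from_seed(seed)[0] == n}")
```

Two caveats a practitioner should keep in mind. First, a key derived this way has exactly as much entropy as its seed, so the seed must be secret and at least as long as the security level the key is meant to provide; a short or guessable seed makes the key recoverable by anyone who can re-run the derivation. Second, the fixed-witness Miller-Rabin above is what makes the result reproducible, but it is only a probabilistic test; a production implementation would specify the witness set and round count in the same documented, versioned way as the hash expansion, since changing either changes which candidate is accepted and therefore the key.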