Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Generate RSA key pair in javascript, based on a password

As far as I understand, RSA keys are usually generated based on a (strong) random generator.

Instead, I want to create them based on a password.

Or rather on its hash, for example sha512(sha512(password+salt)+password+pepper)

This needs to be done client side, in JavaScript.

Would anyone know how to do this? Is there an easy JavaScript library that creates RSA key pairs deterministically, based on a given input?

(Actually, I'm mentioning RSA but any secure asymmetrical encryption would suffice, I just need public-private encryption)


Addition: I need this because I'm building some secure communication solution, that doesn't need to rely on the connection or even the server to be secure.

I'm encrypting all content with AES using random keys, and the keys are RSA-encrypted. The idea is Alice can RSA-encrypt her content (or actually, the AES-key for her content) with Bob's public key (therefore Bob's public key must be stored online).

Later, when Bob enters his password again, his browser can deterministically calculate his RSA private & public key on the spot, download the content from Alice, and decrypt it locally using his private key.

like image 411
Sheldon Pinkman Avatar asked Jun 22 '12 12:06

Sheldon Pinkman


People also ask

How can RSA be used to generate key pairs?

You can generate RSA key pairs in the encrypted form on a workstation with a 4755 cryptographic adapter or a 4764 PCIX Cryptographic Coprocessor installed. A workstation with a 4758 PCI Cryptographic Coprocessor can also be used.

Which command is used to generate RSA keys?

To generate Rivest, Shamir, and Adelman (RSA) key pairs, use the crypto key generate rsa commandinglobal configuration mode.

How key pair is generated?

A key pair is generated using the KeyPairGenerator class. In this example we will generate a public-private key pair for the algorithm named "DSA" (Digital Signature Algorithm). We will generate keys with a 1024-bit length. The next step is to initialize the key pair generator.


2 Answers

Looks like Cryptico can help you, when you feed your password as a seed for RNG.

like image 112
Eugene Mayevski 'Callback Avatar answered Sep 21 '22 06:09

Eugene Mayevski 'Callback


2020's year answer for browser/client-side:

If you want to use RSA encryption on client side with TypeScript (in browser or hybrid app with Ionic for example) do next:

  • npm i cryptico-js --save
  • in your TypeScript (v3.4+) code use next import: import * as cryptico from 'cryptico-js/dist/cryptico.browser.js';
  • after that you can use all cryptico methods as described there: https://www.npmjs.com/package/cryptico
like image 20
Vladimir Tolstikov Avatar answered Sep 20 '22 06:09

Vladimir Tolstikov