IETF Logo Mail Archive

Re: [openpgp] Deriving an OpenPGP secret key from a human readable seed

Phillip Hallam-Baker <phill@hallambaker.com> Fri, 18 October 2019 01:40 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DD77C120104 for <openpgp@ietfa.amsl.com>; Thu, 17 Oct 2019 18:40:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.473
X-Spam-Level:
X-Spam-Status: No, score=-1.473 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.172, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Kcg1fynIqgzF for <openpgp@ietfa.amsl.com>; Thu, 17 Oct 2019 18:40:28 -0700 (PDT)
Received: from mail-ot1-f45.google.com (mail-ot1-f45.google.com [209.85.210.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 06E2D120BEC for <openpgp@ietf.org>; Thu, 17 Oct 2019 18:40:27 -0700 (PDT)
Received: by mail-ot1-f45.google.com with SMTP id e11so3622811otl.5 for <openpgp@ietf.org>; Thu, 17 Oct 2019 18:40:27 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=qt5VAhHBA2pFmUiSuw3+3nDKwRsNNd7C5/PbX3j1eSg=; b=YNck/+/AadcmEKh/TcPQ4Sk4CN1wJN7Dqjgbha5GMNWKrLsfwCbv0fegdsMU66ogKm VQLyYQlg+spXJswh540NkspuglfXE9qvVdp1muTZpkVMpMqEIOdZ09ewKFk3DgVk8WrS MsEGtIj9FfI2vWapYugpqfi7FSspxllG/oGKG8H/usPA4wffGmDIhqWFqYS8Xtp8j2C5 hOL2Q1hsDc/wfa43ZIBsk60KYyvggShCQ1MGlPgPvATS2huFHz3jiwHGuYiz557882Ee CvTl6O+Nh56G00djWLwcoDlkFfwYbZe4stGotWKDishPvbNNka3bUfB4Adzs4K+d20O8 61eA==
X-Gm-Message-State: APjAAAWiv26+ayn9XxmJjoM17i+tySf47NG7FhlJlC6ml9IVLFF+VhfR AZ8C0Hk08wwmdnkAdfTWXDdF/43xiewQrjjotTM=
X-Google-Smtp-Source: APXvYqxzuEWqJ7u3WISLsV2p14YMDfu+yekrAcfxoBr6x7By1FVoyDjtEA+XuMmqbBS4qYRLYXx5VIT8oZpXqutm+NE=
X-Received: by 2002:a05:6830:22d9:: with SMTP id q25mr5310444otc.87.1571362827119; Thu, 17 Oct 2019 18:40:27 -0700 (PDT)
MIME-Version: 1.0
References: <5eb8774d-8d4f-63e3-29bc-53f3c8d21c51@kuix.de> <FAAB5286-1C26-4F32-AB76-8B1E2C93FA77@icloud.com>
In-Reply-To: <FAAB5286-1C26-4F32-AB76-8B1E2C93FA77@icloud.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Thu, 17 Oct 2019 21:40:14 -0400
Message-ID: <CAMm+LwhCKRPr6UoM3ue8iyr5W--aafmB=cDF1rtTnc5ZQORDKg@mail.gmail.com>
To: Jon Callas <joncallas=40icloud.com@dmarc.ietf.org>
Cc: Kai Engert <kaie@kuix.de>, IETF OpenPGP <openpgp@ietf.org>, Jon Callas <joncallas@icloud.com>
Content-Type: multipart/alternative; boundary="0000000000001fb2910595256bb7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/CbitSb-1s-K61omS9d3vQyBFqVs>
Subject: Re: [openpgp] Deriving an OpenPGP secret key from a human readable seed
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Oct 2019 01:40:35 -0000

On Tue, Oct 15, 2019 at 4:15 PM Jon Callas <joncallas=
40icloud.com@dmarc.ietf.org> wrote:

> >
> > I hope some of this message makes sense.
> >
>
> I think it makes sense. You're looking at having a way to seed a DRBG
> (PRNG), so that that seed can be used to deterministically generate a key,
> and that seed being reasonably small, and can be encoded in a way that's
> easy to store on paper as well as use for generating the same key later.
>
> This sounds like a good idea, but as others have said, it's more general
> than OpenPGP. Really what you want is a standardized, loadable DRBG, and
> then that DRBG could be bolted into some OpenPGP implementation for key
> generation.
>
> That latter part is software issue and really ought to be generalized
> beyond OpenPGP, and then some implementation of OpenPGP could have the
> feature of creating a key from such a loadable seed.
>
> It sounds useful to some people, but outside the scope of OpenPGP
> documents, just as the design of other RNGs is beyond the scope of OpenPGP
> documents.
>

IETF already has such a function HMAC-KDF. RFC 5869.

The current UDF document does not have the text. I am just finishing up the
code and should have a new draft out tomorrow with the text.

v2.23.0 | Report a Bug | By Email