On Fri, Feb 14, 2014 at 1:30 PM, S. Dale Morrey <[email protected]> wrote:
> To do this I've devised an algorithm to derive the private key on the
> client.

When working with crypto, it's usually a bad idea to devise your own algorithms. There are likely smarter people that have already solved, tested, and verified the problem you are having.

That said, your search for entropy is a good one, but your usage of SHA256 to derive a key from some set of entropy is inadequate. There is a whole section of cryptography dedicated to achieving this goal. There are several key derivation functions (http://en.wikipedia.org/wiki/Key_derivation_function) available which are much stronger than simple SHA256.

Perhaps look at the most popular PBKDF2 (http://en.wikipedia.org/wiki/PBKDF2), since you are very likely to find an easy implementation already written for whatever platform you are writing for.
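The contrast drawn in the reply above, as an added example that is not part of the original message or thread: a single SHA-256 pass beside PBKDF2-HMAC-SHA256, with PBKDF2 also written out from its definition so the salt and iteration structure is visible. The function names, salt length, iteration count and sample secret are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

KEY_LEN = 32           # bytes of derived key
SALT_LEN = 16          # assumed salt size
ITERATIONS = 600_000   # assumed work factor; tune for the client hardware


def sha256_key(secret: bytes) -> bytes:
    """Single unsalted SHA-256 pass: one cheap hash per guess, same key for same secret."""
    return hashlib.sha256(secret).digest()


def pbkdf2_sha256(secret: bytes, salt: bytes, iterations: int, dklen: int = KEY_LEN) -> bytes:
    """PBKDF2-HMAC-SHA256 written out from its definition, only to show the structure."""
    out = b""
    block = 1
    while len(out) < dklen:
        # U_1 = HMAC(secret, salt || INT_32_BE(block)); U_i = HMAC(secret, U_{i-1})
        u = hmac.new(secret, salt + block.to_bytes(4, "big"), hashlib.sha256).digest()
        t = int.from_bytes(u, "big")
        for _ in range(iterations - 1):
            u = hmac.new(secret, u, hashlib.sha256).digest()
            t ^= int.from_bytes(u, "big")   # T = U_1 xor U_2 xor ... xor U_c
        out += t.to_bytes(hashlib.sha256().digest_size, "big")
        block += 1
    return out[:dklen]


def derive_key(secret: bytes, salt: bytes = b"", iterations: int = ITERATIONS):
    """Use the library routine in real code; return the salt and count needed to re-derive."""
    if not salt:
        salt = os.urandom(SALT_LEN)   # fresh random salt per derivation
    key = hashlib.pbkdf2_hmac("sha256", secret, salt, iterations, KEY_LEN)
    return salt, iterations, key


if __name__ == "__main__":
    secret = b"constructed sample secret"   # constructed input, not from the thread
    print("sha256 :", sha256_key(secret).hex())
    salt, count, key = derive_key(secret)
    print("pbkdf2 :", key.hex(), "salt", salt.hex(), "iterations", count)
```

The hand-written `pbkdf2_sha256` is there to read, not to deploy; `derive_key` calls the standard library's `hashlib.pbkdf2_hmac`, and the salt and iteration count it returns must be stored so the same key can be derived again.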
