Reducing The Risk Of Forgotten Long Secret Key
Keywords:
passphrases; encryption/decryption; hash function; Symmetric; Asymmetric; Message Digest Code; Confidentiality
Abstract
Nowadays, most people use PCs and save sensitive information on them. Some users use encryption/decryption techniques
to hide their sensitive information, and others do not use cryptography at all. But many users use unsuitable secret keys.
They use either short or weak keys, because short and weak keys are easy to remember. These users may not know
the risk of using weak or short keys, and they may not know that the security provided by cryptography is directly
proportional to the quality and the length of the secret key used, along with the algorithm used. Using a suitable secret key may
force some users to save the secret key in a file or to write it down somewhere, which in turn weakens the associated security.
Keeping a long key secret without forgetting it and without saving it in a file is a problem worth solving. This
paper suggests a method to generate suitable secret keys from passphrases along with a salt (a 'short secret key') by using a one-way
hash function. In the suggested method, the user can use some files saved on his/her PC as passphrases, and generates the
actual secret key by selecting one or more of the passphrase files and hashing it/them along with the salt. The output of the
hashing, called the message digest code, can be used as the user's actual secret key. In this way, the user needs to remember only a small
secret key.
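
The derivation described in the abstract, as an added example that is not code from the paper. SHA-256, the per-file digest framing, the file names, the sample short secret and the optional PBKDF2 stretching step are assumptions of this example. It also shows that reordering or editing a passphrase file yields a different key, so the selected files must stay byte-identical.

```python
import hashlib
import os
import tempfile


def derive_key(paths, short_secret, iterations=0):
    """Return a 32-byte key from the chosen files (order matters) and the short secret."""
    outer = hashlib.sha256()
    for path in paths:
        inner = hashlib.sha256()
        with open(path, "rb") as f:
            for chunk in iter(lambda: f.read(65536), b""):
                inner.update(chunk)
        # Feed a fixed-length digest per file so file boundaries stay unambiguous.
        outer.update(inner.digest())
    files_digest = outer.digest()
    secret = short_secret.encode("utf-8")
    if iterations:
        # Assumption (not in the paper): stretch the short secret with PBKDF2,
        # using the digest of the files as the PBKDF2 salt.
        return hashlib.pbkdf2_hmac("sha256", secret, files_digest, iterations)
    # Plain-hash form of the abstract's method: one hash over files plus salt.
    return hashlib.sha256(files_digest + secret).digest()


def demo():
    """Derive keys from constructed sample files and show what changes the key."""
    with tempfile.TemporaryDirectory() as d:
        a, b = os.path.join(d, "photo.bin"), os.path.join(d, "notes.txt")
        with open(a, "wb") as f:
            f.write(b"constructed sample file A\n" * 100)
        with open(b, "wb") as f:
            f.write(b"constructed sample file B\n" * 100)
        key = derive_key([a, b], "s3cr")
        again = derive_key([a, b], "s3cr")
        reordered = derive_key([b, a], "s3cr")
        with open(b, "ab") as f:  # a one-byte edit to a passphrase file
            f.write(b"!")
        edited = derive_key([a, b], "s3cr")
        stretched = derive_key([a], "s3cr", iterations=200_000)
    return key, again, reordered, edited, stretched


if __name__ == "__main__":
    for name, k in zip(("key", "again", "reordered", "edited", "stretched"), demo()):
        print(f"{name:10s} {k.hex()}")
```

Because the passphrase files sit on the same PC as the protected data, the short secret is the only part an attacker with access to that PC does not already hold, which is why the example offers the stretching option.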