[pycrypto] Generating a public/private key pair from a passphrase

Legrandin gooksankoo at hoiptorrow.mailexpire.com
Tue May 22 17:21:15 EDT 2012

Hi Rye,

You really want a cryptographically strong PRNG for that.
I don't think Python's random module is good enough.

One option is to use the Fortuna PRNG in PyCrypto.
Another is to use a NIST approved PRNG, like HMAC-DRBG, shown below.

from Crypto.PublicKey import RSA
from Crypto.Hash import HMAC

class PRNG():
    def __init__(self, passphrase):
        self.K = passphrase
        self.V = b'\x00'*16
        self.pool = b''

    def __call__(self, n):
        while len(self.pool)<n:
            self.pool += HMAC.new(self.K,self.V).digest()
            self.V = self.pool[HMAC.digest_size:]
        res = self.pool[:n]
        self.pool = self.pool[n:]
        return res

key = RSA.generate(2048, PRNG(b'pass phrase'))

Mind that - if possible - you should couple the pass phrase to a salt number.

> I'd like to be able to repeatably generate a public/private key pair from a
> user-supplied passphrase. I could use Python's built in random function
> seeded with the passphrase, or numpy's, but is there a better way of going
> about doing this via pycrypto?

More information about the pycrypto mailing list