Something like this is actually already possible in https using client certificates.
EDIT:īased on some of the answers, I think my question is a little misleading. I could mitigate that by running a computationally expensive key expansion algorithm on the client side and use the result of that for encrypting the private key.īut I still don't really trust the whole thing, and so I would love to hear your feedback on whether this is a good idea or if I should just stick with how I'm doing it right now. The only drawback I could find is the server having to give out encrypted private keys to basically anyone who requests them, making brute-force attacks way easier. This method would prevent the password from ever being transmitted over the network and even allow for cool stuff like end-to-end encrypted chat between users. The encrypted random string and key pair are then sent to the client, who will need to decrypt it again to prove they have the private key's password. When they want to log in again, the server generates a string of random characters and encrypts it using the public key. When a user signs up, they generate a PGP key pair, encrypt the private key using a password of their choice and send it to the server. So I thought of an entirely different approach: using PGP keys. Yes, I naturally use HTTPS, but still, if the connection was somehow compromised for whatever reason, so is the password. However, I think it has a major flaw, which is the client having to send the password in plain text to the server. This strategy seems adequately secure to me (please correct me if I'm wrong, it is basically just the result of reading a lot of online guides and watching YouTube videos). When a user wants to log in, they send their credentials to the server, where the described procedure is then repeated (using the same salt, obviously) and compared to the hash in the database.
After every round, the original password is concatenated to the result and then fed into the next round. Passwords are salted with 64 bytes from /dev/urandom and then hashed with 100 rounds of SHA-512. My current concept is modeled after what seems to be the common consensus right now. For that, I am currently researching good strategies for dealing with authentication. I am building a web site that provides user login.