Hacker News new | ask | show | jobs
by szasamasa 1078 days ago
I read this all the time, ist it true?

isnt public key a bad wording suggesting it should or can be public?

I would call it verification key and keep it secret on the server

only thing it need not to be hashed, it is already "hashed" meaning if it leaks it has 128 bit security or so

if I get it well, the private key can be guessed from the public key from huge alien resources so it is actualyl like an already computer intensive hashed 128 random password from a 2^128 domain?

I do not think the public key is to be posted on twitter or should not be guarded at all... it is just not the signing key and it is 128 bit strong away from it
1 comments
UncleMeat 1078 days ago
It is 100% fine to have adversaries know your public key. Asymmetric key crypto is not the same as "already hashed private keys." You can happily use a 4096 bit RSA key if 112 bits of effective security isn't enough for you.
link
szasamasa 1077 days ago
you dont quite get my point

i compare password hashing on server with passkeys where you store the public key on the server... we are told to hash computer intensive preparing for the worst that the server is breached and an attacker has the stored hashed (salted, peppered) password... then with brute force if you hashed computer intensive and the password was not weak, it can be i dont know 60,80,120 bit strong?

well you can actually get the password from the hash but if everything ok, infeasible... i guess it is the same with getting the private key from the public key, it is possible but with ecdsa256 i read 128 bit strong or so

i dont want more security i just find it interesting that nobody says the hashes are not a secret... ok it is more problematic since weak passwords remain much weaker hashed or not

i would still say if possible keep your verification key to yourself... and if it leaks, no problem

i would call them secret key (private) and verification key (public)

but i dont know much about this and i guess by digital signatures they are really public? but hey may be even stronger

link
UncleMeat 1077 days ago
There's more than one way to expose a password. You can have it phished, for example. Passkeys are immune to this.

You can use the terms you want. Other people will use normal terms.

link
szasamasa 1076 days ago
fishing is another topic we did not talk about passwords vs. passkeys

we talked about whether a public key is actually a similar secret than a well managed (hashed) password

well it is not up to you to decide what terms are normal the language, concepts evolve

if you want to understan things better than you do know, sometimes you go 1-2 levels deeper and think for yourself

a public key has a security strength, lets say 128 bit a computer intensive hashed strong password can level this if you generate unique very strong passwords for each site with your pass manager and(!) they hash it well, it can be compared to giving a public key to the site

in this sense your argument which you just copy from other people is false

a good argument would be that a public key that we give the sites has 100% strong security and the password will not travel from the client to the server, whereas plenty of domain service provider implement security bad so you have to rely on them

in addition, computer intensive hashing on the server is more electricity and cpu|memory usage

please try to talk about the actual topic and dont try to derail the conversation like it was about whether passkeys are better or not... hiding behind something you declare normal is also bad practice...

just debate the only thing I said: actually, you do give a kind of well guarded secret to the server and it is not like a public key should be advertised

I do think it is a very intersting thought

and, of course, if a password comes from a weak domain, you can hash minutes, it will never be as strong as a public key

link