I would like to know if the following ideas are feasible:
Hash function is one-way function.
Generate public key from private key is irreversible(asymmetric cryptography).
User password entry -> SHA(or adding salt before hashing) -> hash value(as ECC private key) -> generate public key from private key -> save public key(drop private key)
User password entry -> SHA(or adding salt before hashing) -> hash value(as ECC private key) -> generate public key from private key -> verify the public key with the saved one.
Based on that:
a.User or others can encrypt selected information(by using public key) that only user can decrypt it.
b.System administrator can generate a public/private key pair then both user and administrator can encrypt/decrypt selected information(by using Diffie–Hellman key exchange method).
I think that brute-force method(exhaustive attack method) can crack any password, and it is only a matter of time.It should be an another topic.
I am trying to prevent user information leak or rainbow table attack even if system being hacked.
I have searched and read the following information:
Handling user login using asymmetric cryptography
Asymmetric Cryptography as Hashing Function