It is provably secure to do it with password-based asymmetric key derivation, provided the password is entropic enough.