A given computer system works with the RSA cryptosystem and 2048 bit keys.
A participant registers itself to the server by providing its public key (and a signature to prove it has access to the private key, but that's irrelevant for this question).
In order to decide if a participant should be accepted or not the only basis of decision is the public key. That can't be changed. So what I want is to decide if the creator of a key can be trusted by just having the private key.
My first approach was to let one of the two primes $p$ and $q$ be generated by a function that takes a secret argument (i.e. passphrase), and whose result can be verified later on. A simple solution could be the modulo operation, where one checks whether $p \mod x$ equals $0$ for $x$ being the secret. Another idea could be a pseudo random number generator with the seed being the secret and where the number of iterations is limited. But that doesn't guarantee to find proper primes at all.
Can you think of a secure (i.e. not easy to manipulate) algorithm that generates 2048 bit RSA public / private key pairs from a secret where the public key can be used to verify if the key was created with the original secret?