Hey.
I have the following scenario: I'd like to archive private data to e.g. some cloud storage for backup reasons.

Basically I'd see two ways to move on from here:
1) Put the data in one or more disk images which are encrypted with dm-crypt/LUKS (e.g. using aes-xts-plain64)
2) Put the data in one or more tar or dar archive files, which I think is a bit more flexible.

With (2) I'd guess gnupg would be the tool of choice (or is there anything else well-maintained?) and using e.g. AES256 should provide adequate security.

In both cases, I'd want to put the actual key alongside the archive (i.e. also backing it up to the remote storage, as I'd be screwed if I lose the key when I just store it locally).
For both (LUKS/OpenPGP), the actual symmetric key is anyway alongside the image/archive, encrypted by some passphrase (respectively the pubkey, in case of asymmetric encryption with gpg).

Now here's the question/problem:
- LUKS/cryptsetup, at least in its more recent versions, already supports Argon2, and even for the older versions there was a noticeable effect when increasing the hashing iterations (like taking several minutes for cryptsetup to actually "open" the device).
For gpg there is --s2k-*, especially --s2k-count, but even when setting this to the max value of 65011712... passphrase hashing seems super fast.

I'd be totally happy if a single passphrase try (for an attacker) takes like 10 minutes (just to be on the safe side)... but that doesn't seem possible with OpenPGP/gpg right now?

What would you guys suggest in my scenario? Is there a way to chain Argon2 with current gpg versions (not having to wait until this gets integrated in a new RFC in some future)?

Thanks,
Chris.
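
Added example, not part of the original message and not GnuPG's code: in the iterated and salted S2K of RFC 4880 (section 3.7.1.3) the count is the number of octets fed to the hash, stored as one coded octet, so the maximum of 65011712 mentioned above is a single hash pass over about 62 MiB. The Python sketch below decodes the count and derives a key the way the RFC describes; the function names, the sample salt and the sample passphrase are constructed for illustration.

```python
import hashlib

def decode_count(c: int) -> int:
    """RFC 4880 3.7.1.3: coded count octet -> number of octets to hash."""
    if not 0 <= c <= 255:
        raise ValueError("coded count is a single octet")
    return (16 + (c & 15)) << ((c >> 4) + 6)

def encode_count(octets: int) -> int:
    """Smallest coded octet whose decoded count is >= octets (capped at 255)."""
    return next((c for c in range(256) if decode_count(c) >= octets), 255)

def s2k_iterated_salted(passphrase: bytes, salt: bytes, coded: int,
                        keylen: int = 32, hash_name: str = "sha256") -> bytes:
    """Iterated and salted S2K (specifier type 3) as described in RFC 4880."""
    if len(salt) != 8:
        raise ValueError("S2K salt is 8 octets")
    data = salt + passphrase
    # The whole salt+passphrase is always hashed at least once.
    count = max(decode_count(coded), len(data))
    reps, rest = divmod(count, len(data))
    big, small = divmod(reps, 4096)
    chunk = data * 4096          # feed the hash in large pieces for speed
    key, preload = b"", 0
    while len(key) < keylen:
        # Keys longer than one digest use extra contexts preloaded with zeros.
        h = hashlib.new(hash_name, b"\x00" * preload)
        for _ in range(big):
            h.update(chunk)
        h.update(data * small + data[:rest])
        key += h.digest()
        preload += 1
    return key[:keylen]

if __name__ == "__main__":
    import time
    salt = bytes(range(8))                      # constructed sample salt
    for coded in (0, 96, 255):
        t0 = time.perf_counter()
        s2k_iterated_salted(b"constructed passphrase", salt, coded)
        dt = time.perf_counter() - t0
        print(f"coded {coded:3d} -> {decode_count(coded):>8d} octets hashed, {dt:.3f} s")
```

Run as a script, it prints the time one guess costs at the minimum, at coded value 96 and at the maximum count on the local machine.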