On Tue, 7 Sep 2004 13:24:39 +0800, Padraig MacIain said: > problem. However, does it offer a great risk for something like > OpenPGP if the passphrase used to access the secretkey is partially
That depends on quality of the passphrase; it makes dictionary attacks easier. > compromised? And in turn if the passphrase is completely known yet the > secret key is still secured (physically) does knowing this passphrase > risk a complete compromise of the key pair? No. The protection of the private key is is independent of the key. They are in no way related. The key is based on a random string and only the protection of this key is based on the passphrase. This protection only helps against a lost (but protected) private key. Salam-Shalom, Werner