Robert wrote: > 7) I assume the key rings themselves, holding the keys, are encrypted. > How strong is this encryption in GPG? What algorithm is used, etc? One > requirement is about compromising the machine with the keys, how easy it > would be to export the keys. Since the keyring is physically located on > the machine.
Some thoughts: GnuPG is generally designed on the assumption that the "source" and "destination" machines are not compromised. Yes, the key is kept encrypted, although I don't know how secure the encryption is. There are, of course, other attacks that could be mounted depending on how badly the machine has been compromised - for example: o The attacker could install keystroke logging software or hardware. o They could install a compromised version of GnuPG which takes the passphrase you type in, uses it to decrypt the secret key, and then transmits the unencrypted key to the attacker. o They could compromise the OS to intercept system calls etc... If this is a serious concern, you may be better off with a GnuPG smartcard, as then the key is kept in the card and is not copied to the machine. The card decrypts the session key and sends it back to the computer which then uses that session key to decrypt the data. Therefore, the host never sees the actual secret key. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
