On Mon, 30 May 2022 19:52, Matt Borja said: > - Related to this approach: Is the passphrase on a private key not > sufficient encryption strength to store the private key in a secure > cloud > vault for archival purposes; or could it not be paired with a
The currently used protection of private keys as specified by OpenPGP allows to attack the key iff the attacker has a way to modify the protected key on the transport. This is not the old Klima/Rosa attack but a new attack which takes advantage of the fact that the public key parts are not bound to the encrypted private parts of the key. Thus the suggestion is to not rely on the OpenPGP private key protection but to convey those private keys with an additional OpenPGP encryption layer. Note that the internal format used by GnuPG to store the private keys is not affected buy this attack. This is because the public key parts in the files below private-keys-v1.d are included in the authenticated encryption of the private parts as additional data (openpgp-s2k3-sha1-aes-cbc and openpgp-s2k3-ocb-aes schemes) Always take care when conveying private keys. Salam-Shalom, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
