On Tue 26.01.2016 at 03:45:33PM +0100, Lucas Hoffmann wrote:
> Quoting Dashamir Hoxha (2016-01-23 15:03:31)
> > Why do you use asymmetric encryption (public/private keys)?
> > I think that symmetric encryption is easier, stronger, and simpler
> > (you don't need to generate and maintain a key, all you need is
> > a passphrase). It can be done with `gpg -c ...`.
>
> I have two questions/concerns about the use of symmetric encryption. I
> assume that I store one password (or one secret) under each name in
> pass. GPG symmetric encryption needs a passphrase for each
> symmetrically encrypted file.

When you use GPG with asymmetric encryption (i.e., the normal way), it
does that already:

- each file is encrypted with a unique symmetric key (because it is
  faster to compute than asymmetric cryptography),
- the symmetric key is encrypted with your public key and placed into
  the same file,
- your secret key then acts as a master key that can decrypt any of the
  files,
- your secret key is protected by a passphrase, which is the master
  passphrase for your password manager.

So symmetric encryption is actually used, and the problem of managing
the symmetric keys is already solved. What is there not to like about
the way pass works by default?

Matthieu

--
 (~._.~)         Matthieu Weber - [email protected]          (~._.~)
  ( ? )              http://weber.fi.eu.org/                ( ? )
 ()- -()     public key id : 0x85CB340EFCD5E0B3            ()- -()
 (_)-(_) "Humor is when you laugh anyway (Otto J. Bierbaum)" (_)-(_)
_______________________________________________
Password-Store mailing list
[email protected]
http://lists.zx2c4.com/mailman/listinfo/password-store
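
The hybrid scheme listed in the reply above, as an added Python sketch that is not part of the original message and is not code from GPG or pass. It is a toy model of the structure only: the RSA key built from two Mersenne primes, the SHA-256 keystream cipher and all function names are assumptions made for illustration, not GPG's real algorithms or file format.

```python
import hashlib, secrets

# Toy RSA key pair from two Mersenne primes: constructed for this demo and
# trivially factorable. It only models the structure, not GPG's real algorithms.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                        # public key: enough to encrypt
KLEN = (N.bit_length() + 7) // 8           # bytes needed to hold a value mod N

def _stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def lock_secret_key(passphrase: str) -> bytes:
    """Store the secret exponent encrypted under the master passphrase."""
    d = pow(E, -1, (P - 1) * (Q - 1))
    salt = secrets.token_bytes(16)
    kek = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)
    return salt + _stream_xor(kek, d.to_bytes(KLEN, "big"))

def unlock_secret_key(locked: bytes, passphrase: str) -> int:
    """Recover the secret exponent; reject a passphrase that yields a bad key."""
    kek = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), locked[:16], 100_000)
    d = int.from_bytes(_stream_xor(kek, locked[16:]), "big")
    if pow(pow(2, E, N), d, N) != 2:       # round-trip check on the key
        raise ValueError("wrong passphrase")
    return d

def encrypt_entry(secret: bytes) -> bytes:
    """Encrypt one entry with the public key only; no passphrase needed."""
    session_key = secrets.token_bytes(32)  # fresh symmetric key per file
    wrapped = pow(int.from_bytes(session_key, "big"), E, N)
    return wrapped.to_bytes(KLEN, "big") + _stream_xor(session_key, secret)

def decrypt_entry(blob: bytes, d: int) -> bytes:
    """Unwrap the file's session key with the secret key, then decrypt."""
    key_int = pow(int.from_bytes(blob[:KLEN], "big"), d, N)
    return _stream_xor(key_int.to_bytes(32, "big"), blob[KLEN:])
```

Encrypting the same secret twice gives two different files because each gets its own session key, yet one unlocked secret key decrypts both.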
