Re: passphrases

["Michael Parker" <jked mail com>]

Thank you.  The link describes the scenario I have in mind.  In particular it says:

To help safeguard your key, GnuPG does not store your raw private key on disk. Instead it encrypts it using a symmetric encryption algorithm. That is why you need a passphrase to access the key.

I guess this is more of a question for GnuPG because I still don't really know the computational difficulty of brute force decrypting the private key (assuming you pick a passphrase that is too hard to guess).  A possibly related question is how long and "random" does the passphrase have to be to make guessing it on par with decrypting the private key.  Again this seems like a question for GnuPG.

Thanks

Mike

----- Original Message -----
From: "Adam Schreiber"
To: "Michael Parker"
Cc: seahorse-list gnome org
Subject: Re: passphrases
Date: Tue, 13 Jan 2009 11:25:34 -0500


On Tue, Jan 13, 2009 at 11:25 AM, Adam Schreiber wrote:
> On Tue, Jan 13, 2009 at 1:00 AM, Michael Parker wrote:
>> I am interested in knowing about the security of passphrases. Are there any
>> resources that explain this? I want to understand the scenario of
>> encrypting a file that stays on the same system where I generated the key,
>> and then losing that system.
>
> I would direct you to the GPG manual [1] for a description of
> passphrase and key security.
>

Whoops, missed the link.

[1] http://www.gnupg.org/gph/en/manual.html#AEN513


>
>
>>
>> -Mike
>>
>> --
>> Be Yourself @ mail.com!
>> Choose From 200+ Email Addresses
>> Get a Free Account at www.mail.com!
>> _______________________________________________
>> Seahorse-list mailing list
>> Seahorse-list gnome org
>> http://mail.gnome.org/mailman/listinfo/seahorse-list
>>
>>
>

--

Be Yourself @ mail.com!
Choose From 200+ Email Addresses
Get a Free Account at www.mail.com!