Caching symmetric encryption passphrase with gpg-agent

Daiki Ueno ueno at
Mon Mar 16 10:23:52 CET 2009

>>>>> In <87tz67arx7.fsf at> 
>>>>>	Werner Koch <wk at> wrote:
> Using the salt as a cache id is a clever idea.  That allows to decrypt a
> message during the caching time without entering the passphrase again.
> I am not sure whether there is a use case for this.

As a developer of the Emacs interface, I have frequently been asked how
to cache the passphrase for symmetric encryption, and I eventually added
a special option epa-file-cache-passphrase-for-symmetric-encryption.

So I'm confident that those who are reluctant to generate public keys
just for caching passphrases will be happy if the caching is implemented
in the gpg-agent level.

> Reusing the salt for another message defeats the purpose of the salt and
> thus makes no sense.

I see.  I will try to polish my patch not including the salt-reusing

Daiki Ueno

More information about the Gnupg-devel mailing list