using main key ID as cache key?

[Daiki Ueno]

Werner Koch <wk at gnupg.org> writes:

> That is not correct.  The GPG key generation creates the 3 standard
> keys with the same passphrase.  All other commands should work
> correctly if the primary and the subkeys have different passphrases.

Is there a way to set different passphrases to the primary and subkeys?

> For ssh keys it has been suggested to try unprotecting all ssh keys at
> once if one has been unprotected.  A rationale for this is that often
> different ssh keys have the same passphrase.  Now if malware already
> knows one passphrase, it doesn't matter if the other keys are also
> unprotected (or alias a cache entry).  The same is true for the gpg
> primary and subkeys.

I see.

> A simple implementation would just try to decrypt all keys if a valid
> passphrase is given for one key.  With many keys, that won't fly
> because the decryption is designed to take some time.  For ssh keys,
> the sshcontrol file could be used to limit the keys.

Perhaps I don't understand the idea fully, but in the above you mean the
information that indicates which secret subkeys share the same
passphrase shouldn't be public, right?  If so,

> For gpg, we would need a way to link certain keys together.

The "links" also should be hidden?  An idea might be to embed some hints
(like, a list of other subkeys in the same group) in each unprotected
key data.

Regards,
-- 
Daiki Ueno