any way to use gpg(openpgp) with Argon2
Werner Koch
wk at gnupg.org
Wed Jun 20 19:23:47 CEST 2018
On Tue, 19 Jun 2018 14:20, calestyo at scientia.net said:
> Or is there any integration of argon2 planned into the standard (and
> this going to happen in a forseeable time)?
I doubt that it will make it into rfc4880bis. I also see no reason for
it. Passphrases must die.
I fact OpenPGP is mostly about public key encryption and thus we don't
use passphrases for its main tasks. Passphrases can be used to protect
a private key but that is questionable because if you box is already
compromised the passphrase does not help much. The other use of
passphrases is symmetric-only encryption (command -c) but in most use cases
the passphrase comes from another application or a database and is not
entered manually. In this case I consider it better to use --s2k-mode=0
along with a full entropy passphrase instead of relying on passphrase
mangling algorithms - they are designed for manual interaction and not
for large scale use with thousands of messages.
For disk encryption it is better to use a token than a secure passphrase
most humans can't remember.
Salam-Shalom,
Werner
--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20180620/a243ed7b/attachment.sig>
More information about the Gnupg-devel
mailing list