gpg on public system?

Florian Weimer
Sat Feb 3 09:59:10 2001

Jan Petranek <> writes:

> > No, this is impossible. If the system is insecure, you cannot keep
> > your private keys secret.
> Well, that indeed is a point. So I have to put up with minimizing the
> risks. Any suggestions to that?
Do you have access to a trustworthy machine? You could use two keys, one for critical stuff (e.g. certifying keys, signing important messages, this will be done only on the trusted machine), and one for the day-to-day operation. The CD solution is hard to improve. You could store a modified GnuPG binary on it, obfuscate the file names, apply some heuristics to check for system integrity, check if the binary is running under a debugger, and so on. Of course, this is just an attempt to achieve security by obscurity which doesn't work in general.