Security of message when private key is exposed but password isn't?

Adrian 'Dagurashibanipal' von Bidder
Wed Aug 28 14:17:02 2002

Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

[secure key is compromised - how secure are we?]


With gnupg (and other similar encryption systems, I'd guess), the user
password is by far the weakest point of the system. So if your secret
key goes out, you should assume that the attacker has practically
decrypted your data.

With normal english text, you gain about 1 bit entropy per character. If
you are a bit careful, but still want to have a typeable and memorizable
password, I'd guess you won't go far beyound 4 or 5 bits per
character[1], so at least a 25 characters long password would be
necessary. Even with a purely random password, if you're restricting
yourself to typeable characters you won't have much more than 6 bit
entropy (you'll probably want to avoid non-ascii characters to avoid
interoperation problems).

So, again: if the secret key is out, you've lost.

-- vbi

[1] I haven't any data about it. But I guess with chosing more or less
pronouncable syllables, and introducing the odd punctuation or numeral,
you'd still be quite predictable. And you'd still be restricted to about
70 characters.

secure email with gpg              

NOTICE: is known to carry a valid copy of my key

Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

Version: GnuPG v1.0.7 (GNU/Linux)

Signature policy: