private key protect cipher

David Shaw
Fri Mar 28 05:49:02 2003

Hash: SHA1

On Thu, Mar 27, 2003 at 01:55:15PM -1000, Maxine Brandt wrote:
> On Thursday, March 27,2003 David Shaw replied:
> | If you look at this end to end, then the weakest spot is still the
> | passphrase, but unless the attacker can get to your local system and
> | steal your private key, there is no way take advantage of this.
> |
> |
> OK. That's clear. Just two more questions.
> 1...Do I get any extra protection in using a password (random
> characters) longer than 128 bits?

If your secret key is encrypted with a cipher that can use more than
128 bits, yes.  Note that you would also want to use a hash algorithm
that can generate enough bits here as well.  The default (SHA1)
generates 160 bits.

Before you try and memorize a 256-bit passphrase, though, keep in mind
just how realistic this attack is - and that someone who can access
your computer to lift the encrypted secret key might be able to try
and install a key logger...

> 2...If I import keys created in PGP does GPG use the PGP cipher or does
> GPG convert to CAST5?

GnuPG will use whatever the imported key uses.  However, if you change
the passphrase, GnuPG will re-encrypt using CAST5.  You can change the
cipher GnuPG uses for secret keys with --s2k-cipher-algo.

Note that GnuPG also adds a SHA1 secret key checksum when
re-encrypting an imported secret key.  This protects against some key
modification attacks.

Version: GnuPG v1.2.2rc1 (GNU/Linux)