Securing Secret Keys
Fri Mar 28 18:01:01 2003
From: David Champion [mailto:firstname.lastname@example.org]=20
>Jointly, consider whether your keyrings were backed up by=20
>the company backup system, or on any other backup media=20
>you're leaving behind...
Hmm... Isn't this much ado about nothing?
Brad, your private GnuPG keyring is protected by a strong cipher,
probably CAST. Assuming you have a good, strong pass-phrase--with more
than 64 bits of entropy--it shouldn't matter much if your private key
ring file is backed up to a tape you don't control or is accidentally
left on some disk somewhere. In this scenario, any conceivable attacker
would be much better off torturing your pass-phrase out of you than
trying to attack your private key ring file.=20
Are you a spy, a defense contractor, an revolutionary, a terrorist, or a
government official? If not, you probably don't need to worry about
someone expending the huge resources needed to crack your private key
ring file so they can surreptitiously read your encrypted messages
without your knowledge. You need to match your level of paranoia to the
threat you face.
Now, if you have a weak pass-phrase with less than 64 bits of entropy,
well, you need to think about wiping disks & backup media, or more
probably revoking you key.
Also, if others in your company had root-level access to your
workstation, then you can consider your key compromised. Any one of them
could have put a keystroke logger on your machine a long time ago to
capture your pass-phrase.
Sr. Network & Database Administrator
Bank Administration Institute
Chicago, Illinois, USA
PGP Key: http://www.malayter.com/pgp-public.txt
A fanatic is one who can't change his mind and won't change the subject.
-Sir Winston Churchill=20