Modifying the number of iterations in S2K generation

Werner Koch wk at gnupg.org
Mon Apr 25 09:58:10 CEST 2005


On Mon, 25 Apr 2005 17:03:07 +0930, Roscoe  said:

> Trivial matter I know, I was just curious to see that the loop-aes
> folk felt the need to bother patching gpg.

You only need to enter the passphrase once when mounting the
filesystem.  In contrast, with gpg you need to enter the passphrase
for every message and thus it should not take too long.

Except for the -c case, the security of OpenPGP comes from keeping the
keys secret, whereas crypto filesystems most often rely only on a
passphrase.  It would be better to use public key crypto with crypto
file systems too.  Its as easy as to use a random passphrase and
encrypt this using a regular gpg key.


Salam-Shalom,

   Werner





More information about the Gnupg-users mailing list