Printing Keys and using OCR.

Peter Todd pete at
Thu May 17 03:20:18 CEST 2007

On Wed, May 16, 2007 at 03:28:24PM -0400, David Shaw wrote:
> One trick that can be done when paper escrowing OpenPGP keys is to
> only print the part you care about.  OpenPGP secret keys are heavily
> padded with non-secret data.  In fact, the secret key contains a
> complete copy of the public key.  Since the public key generally
> doesn't need to be escrowed (most people have many copies of it on
> various keyservers, web pages, etc, etc), it would not be hard to
> write a program that extracts just the secret bytes and prints that.
> To reconstruct, you'd re-enter those bytes (whether by hand or via
> OCR) and use them to transform your public key into a secret key.
> For example, the regular DSA+Elgamal secret key I just tested comes
> out to 1281 bytes.  The secret parts of that (plus some minor packet
> structure) come to only 149 bytes.  It's a lot easier to enter 149
> bytes correctly.

Hmm... While this certainely depends on trusting symetrical encryption,
why not simply symetrically encrypt the secret key with a long, say 30,
digit randomly chosen passphrase and be done with it? Then only that
passphrase needs to be securely stored and the secret key can be stored
with standard backup procedures.

Of course, this is really identical to a secret key with a good
passphrase... Which is why I have no qualms about having my secret keys
stored along side my standard backups given that my passphrases are all
15 characters long randomly generated upper/lower/number/symbols...

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : /pipermail/attachments/20070516/b92cb8ea/attachment.pgp 

More information about the Gnupg-users mailing list