Printing Keys and using OCR.

David Shaw dshaw at jabberwocky.com
Thu May 17 05:31:58 CEST 2007


On Wed, May 16, 2007 at 09:20:18PM -0400, Peter Todd wrote:
> On Wed, May 16, 2007 at 03:28:24PM -0400, David Shaw wrote:
> > One trick that can be done when paper escrowing OpenPGP keys is to
> > only print the part you care about.  OpenPGP secret keys are heavily
> > padded with non-secret data.  In fact, the secret key contains a
> > complete copy of the public key.  Since the public key generally
> > doesn't need to be escrowed (most people have many copies of it on
> > various keyservers, web pages, etc, etc), it would not be hard to
> > write a program that extracts just the secret bytes and prints that.
> > To reconstruct, you'd re-enter those bytes (whether by hand or via
> > OCR) and use them to transform your public key into a secret key.
> > 
> > For example, the regular DSA+Elgamal secret key I just tested comes
> > out to 1281 bytes.  The secret parts of that (plus some minor packet
> > structure) come to only 149 bytes.  It's a lot easier to enter 149
> > bytes correctly.
> 
> Hmm... While this certainly depends on trusting symmetrical encryption,
> why not simply symmetrically encrypt the secret key with a long, say 30,
> digit randomly chosen passphrase and be done with it? Then only that
> passphrase needs to be securely stored and the secret key can be stored
> with standard backup procedures.

The goal with paper is not secure storage.  There are countless ways
to store something securely (not least of which makes use of GnuPG
itself).  The goal is rather a "backup of last resort".  Most of the
storage media in use today do not have particularly good long-term
(measured in years to decades) retention of data.  If and when the
CD-R and/or tape cassette and/or hard drive the secret key is stored
on becomes unusable, the paper copy can be used to restore the secret
key.

Superencrypting the secret key and storing the passphrase doesn't
solve that problem.  If you have the passphrase but the secret key
that it encrypted was on that bad CD-R, you have nothing.

David
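
The extraction David describes in the quoted paragraph above (cut the secret-key packets into the public copy and the few secret bytes, escrow only the latter, and merge them back into the public key later), as an added example; it is not code from this thread and not GnuPG's own code. It follows the RFC 4880 v4 packet layout. The sample key is constructed inside the block from dummy integers rather than real DSA/Elgamal parameters, and the function names and the checksum test are this example's, not a GnuPG interface.

```python
import struct

# Public-key MPIs per algorithm id (RFC 4880 5.5.2): RSA n,e; Elgamal p,g,y; DSA p,q,g,y
PUBLIC_MPI_COUNT = {1: 2, 2: 2, 3: 2, 16: 3, 17: 4}

def mpi(n):
    """Encode an integer as an OpenPGP MPI: 2-byte bit count, then big-endian value."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def packet(tag, body):
    """Wrap body in a new-format packet header (RFC 4880 4.2.2)."""
    n = len(body)
    if n < 192:
        length = bytes([n])
    elif n < 8384:
        length = bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    else:
        length = b"\xff" + struct.pack(">I", n)
    return bytes([0xC0 | tag]) + length + body

def iter_packets(data):
    """Yield (tag, body) per packet; accepts old-format headers (GnuPG emits them) and new."""
    off = 0
    while off < len(data):
        hdr = data[off]
        if hdr & 0x40:                                   # new format
            tag, b0 = hdr & 0x3F, data[off + 1]
            if b0 < 192:
                n, off = b0, off + 2
            elif b0 < 224:
                n, off = ((b0 - 192) << 8) + data[off + 2] + 192, off + 3
            elif b0 == 255:
                n, off = struct.unpack(">I", data[off + 2:off + 6])[0], off + 6
            else:
                raise ValueError("partial body lengths not supported")
        else:                                            # old format
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not supported")
            n = int.from_bytes(data[off + 1:off + 1 + (1 << ltype)], "big")
            off += 1 + (1 << ltype)
        yield tag, data[off:off + n]
        off += n

def split_secret_key(body):
    """Split a v4 secret-key packet body into (public part, secret part).
    The public part is byte-for-byte a public-key packet body; the secret part is the
    S2K usage octet and everything after it (clear MPIs + checksum, or S2K spec, IV
    and encrypted MPIs when the key is passphrase-protected)."""
    if body[0] != 4:
        raise ValueError("only v4 keys are handled here")
    off = 6                                              # version, creation time, algorithm
    for _ in range(PUBLIC_MPI_COUNT[body[5]]):           # skip the public MPIs
        off += 2 + (struct.unpack(">H", body[off:off + 2])[0] + 7) // 8
    return body[:off], body[off:]

def secret_checksum_ok(secret):
    """Check the 16-bit checksum of an unencrypted secret part (S2K usage 0): the test to
    run on bytes re-entered by hand or OCR.  Encrypted parts are verified at decryption."""
    if secret[0] != 0:
        return True
    return sum(secret[1:-2]) % 65536 == struct.unpack(">H", secret[-2:])[0]

def extract(secret_key):
    """Return (public key blob, [secret parts]) from a transferable secret key."""
    public, secrets = b"", []
    for tag, body in iter_packets(secret_key):
        if tag in (5, 7):                                # secret key / secret subkey
            pub, sec = split_secret_key(body)
            public += packet(6 if tag == 5 else 14, pub)
            secrets.append(sec)
        else:
            public += packet(tag, body)                  # user IDs, signatures: unchanged
    return public, secrets

def rebuild(public_key, secrets):
    """Merge escrowed secret parts back into the public key, in key order."""
    out, todo = b"", list(secrets)
    for tag, body in iter_packets(public_key):
        if tag in (6, 14):                               # public key / public subkey
            out += packet(5 if tag == 6 else 7, body + todo.pop(0))
        else:
            out += packet(tag, body)
    return out

def sample_secret_key():
    """Constructed DSA primary key + Elgamal subkey, unencrypted; the integers are dummies."""
    def body(algo, pub, sec):
        secret_mpis = b"".join(mpi(x) for x in sec)
        return (b"\x04" + struct.pack(">I", 1179340800) + bytes([algo])
                + b"".join(mpi(x) for x in pub) + b"\x00" + secret_mpis
                + struct.pack(">H", sum(secret_mpis) % 65536))
    dsa = body(17, [2**1023 + 7, 2**159 + 5, 2**700 + 3, 2**1000 + 9], [2**150 + 1])
    elg = body(16, [2**2047 + 11, 2**1500 + 5, 2**2000 + 7], [2**300 + 13])
    return packet(5, dsa) + packet(13, b"Test User <test@example.invalid>") + packet(7, elg)

if __name__ == "__main__":
    key = sample_secret_key()
    pub, secrets = extract(key)
    print(len(key), "bytes of secret key;", sum(map(len, secrets)), "of them are secret")
```

On the constructed key the split gives 1190 bytes in total against 67 secret bytes, the same order of reduction as the 1281-versus-149 figure quoted above. Two caveats for a real escrow: a key exported by gpg is normally passphrase-protected (S2K usage 254), so the secret part then holds the S2K spec, IV and ciphertext, is still separable, but cannot be checked with secret_checksum_ok until it has been decrypted; and the 16-bit checksum of an unencrypted part catches most single-character transcription errors but is not a cryptographic integrity check, so run gpg's own import and a test signature on the rebuilt key before relying on it. rebuild() writes new-format packet headers even when the public key used old-format ones; both are valid OpenPGP.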


