Printing Keys and using OCR.

Peter Todd pete at petertodd.ca
Thu May 17 08:48:13 CEST 2007


On Wed, May 16, 2007 at 10:24:51PM -0500, Ryan Malayter wrote:
> On 5/16/07, Peter Todd <pete at petertodd.ca> wrote:
> > Then only that
> > passphrase needs to be securely stored and the secret key can be stored
> > with standard backup procedures.
> 
> I believe the originally posted question centered around long-term key
> storage, for which magnetic and optical media are inadequate. Popular
> media would require continual maintenance, such as burning to new
> discs every 5-10 years, or upgrading the tape format to LTO-1600 in
> 2013. Whether or not the private key is protected by a strong pass
> phrase doesn't really matter; how to store and recover a key from
> paper is the challenge.

Yes, but my point is that a private key is used in association with
data. So we can simply store the encrypted private key along with the
data it is supposed to be used with and store on paper nothing but a
relatively short (compared to the whole private key) passphrase.

Having the private key stored better than the data it is to be used with
is pointless. If the data is gone, generally the key isn't very useful
either.

Of course this is assuming the symmetric encryption is sufficiently
secure... Also note that a key used for *signing* rather than encryption
poses problems, but even then if you have enough faith in the symmetrical
encryption, and why not, then I see nothing wrong with distributing the
private key alongside the data it is signing.

-- 
http://petertodd.ca