Protecting private key on USB flash drive: how to?

Faramir faramir.cl at gmail.com
Sat May 10 17:37:27 CEST 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

  Thanks, Sven Radde, I figure Truecrypt will be a good option when I
have enough privileges in the other computer too, and I am a bit
unwilling to use an outdated version to work around that limitation...

  For now, I think the best option would be a gpg self-extracting
encrypted file (containing the private keyring), and using symmetric
encryption in it, and that file hidden inside a lossless compressed
image file (and what would look more innocent than a folder with some
pretty girls in swimsuits? well, maybe pretty girls without swimsuits).

  I already found a Java-based steganography program (freeware and
open source), and I also have portabilized jre + gpg + gpgshell on the
USB flash drive. The procedure would be to extract the encrypted file
from the picture, extract the private keyring, copy it to the right
folder, and do whatever I have to do. Once finished, I would just delete
the keyring. All this with my fingers crossed to avoid some malware
stealing my passphrases and all that.

  But I also found a tutorial that shows how to protect the primary
private key, allowing me to revoke the compromised subkeys without losing
everything (signatures other people could have put on my keys). The
problem is I am still a newbie in how public keys work, so I am not sure
if the public keys I already uploaded to the keyservers can work with
the private subkey the tutorial suggests making (but it won't be a really
big problem, since the only public key that would receive a message is
the one I use in this list, and I can wait until I arrive home to check
this mail... I can just revoke and rebuild the other one)... and also,
I am not sure if these subkeys would be enough to decrypt encrypted
emails sent to me (and if they can't, then there is no point in
following the tutorial).
  I will put the link to the tutorial, so, in the unlikely case you
don't already know it (everywhere I look for cryptography info, I find
the name of one or two people in this list), you can read it and give
your opinion...
The link is: http://tjl73.altervista.org/HTML_sign_tutorial/tutorial_en.html

Regards
(is there, in English, a better salutation than "regards"? I used to
write "Saludos", or just "salu2", but that wouldn't have any meaning here)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

-----END PGP SIGNATURE-----
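
An added example, not part of the original message or the linked tutorial: a check that a keyring carried on removable media holds only subkeys (the primary secret key appears as a stub) while still including an encryption-capable subkey, which is the key that decrypts mail addressed to it. It assumes the field layout of `gpg --list-secret-keys --with-colons` from GnuPG 2.1 or later; the sample listing, key IDs and function names are constructed for illustration.

```python
# Constructed sample of `gpg --list-secret-keys --with-colons` output (GnuPG 2.1+
# layout assumed). Key IDs, dates and the user ID are made up for illustration.
SAMPLE = (
    "sec:u:2048:1:AAAAAAAAAAAAAAAA:1210000000:::u:::scESC:::#:::\n"
    "uid:u::::1210000000::::Example User <user@example.org>:\n"
    "ssb:u:2048:1:BBBBBBBBBBBBBBBB:1210000100::::::e:::+:::\n"
    "ssb:u:2048:1:CCCCCCCCCCCCCCCC:1210000200::::::s:::+:::\n"
)

UNUSABLE = {"r", "e", "d", "i"}  # revoked, expired, disabled, invalid


def audit_keyring(colons):
    """Report which secret key material a keyring listing actually contains."""
    report = {"primary_stub": [], "primary_present": [],
              "can_decrypt": [], "can_sign": []}
    for line in colons.splitlines():
        f = line.split(":")
        if f[0] not in ("sec", "ssb"):
            continue
        f += [""] * (15 - len(f))          # tolerate truncated records
        validity, keyid, caps, token = f[1], f[4], f[11], f[14]
        is_stub = token == "#"             # '#': secret part not on this keyring
        if f[0] == "sec":
            report["primary_stub" if is_stub else "primary_present"].append(keyid)
        if is_stub or validity in UNUSABLE:
            continue
        # Lowercase letters are this key's own capabilities; the uppercase
        # letters on a 'sec' record summarise the whole key and are ignored.
        if "e" in caps:
            report["can_decrypt"].append(keyid)
        if "s" in caps:
            report["can_sign"].append(keyid)
    return report


def safe_to_carry(report):
    """True when no primary secret key is present but decryption still works."""
    return not report["primary_present"] and bool(report["can_decrypt"])


if __name__ == "__main__":
    r = audit_keyring(SAMPLE)
    print(r, "safe to carry:", safe_to_carry(r))
```
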



More information about the Gnupg-users mailing list