private key protection
Robert J. Hansen
rjh at sixdemonbag.org
Tue Oct 18 15:05:23 CEST 2011
On 10/18/2011 8:36 AM, Jerome Baum wrote:
> Have you looked at my original statement?
Yes.
> I recall making the distinction between a key* and a key-ring/-file,
> not between a key-ring and a key-file.
A distinction that has been lost on apparently everyone here. Please
use accepted terminology.
> IIRC "nowadays" is store a separate file per key?
No, it's still a single file ("pubring.gpg", for instance, is the public
keyring). I just can't promise that it's still a raw stream of RFC4880
octets.
> If you look at the original context you'll see that my statement
> wasn't so trivial.
I have been: your statement is trivial.
> The OP asked "how can I prevent people from stealing my key*?" and
> one person answered "it's not a problem if people steal your key*,
> because it's passphrase-protected."
Assuming the passphrase is of high quality, that answer is *absolutely
correct*.
> In this context it might be a good idea to mention that stealing
> your actual key* from memory _is_ a problem, while stealing your
> key-file/-ring/-whatever is truly not so big a problem if your
> passphrase holds up.
If the attacker already has read-wherever access to memory, the attacker
can do orders of magnitude worse than steal private key material.
You're saying here, "if you assume the computer is already in a
game-over condition, then it's game-over." Which is true, but it's also
pretty close to the canonical example of trivial.
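Hansen's point that the keyring is still "a raw stream of RFC4880 octets" whose private parts are guarded only by the passphrase can be checked directly. The following is an added example, not code from this thread or from GnuPG: it walks a raw secret keyring and reports, per Secret-Key / Secret-Subkey packet, whether the private MPIs are encrypted and which S2K the passphrase is run through. The sample packets are constructed fixtures with dummy MPIs, and the header parser handles old-format headers plus one-octet new-format lengths only.

```python
import struct

S2K_TYPES = {0: "simple", 1: "salted", 3: "iterated+salted"}
PUBLIC_MPIS = {1: 2, 2: 2, 3: 2, 16: 3, 17: 4}  # public MPI count per algorithm (RFC 4880 5.5.2)

def iter_packets(data):
    """Yield (tag, body) per packet. Old-format headers plus one-octet new-format lengths only."""
    i = 0
    while i < len(data):
        ctb = data[i]
        if ctb & 0x40:                                   # new-format header (RFC 4880 4.2.2)
            tag, length, i = ctb & 0x3F, data[i + 1], i + 2
            if length >= 192:
                raise ValueError("multi-octet new-format lengths not handled")
        else:                                            # old-format header (RFC 4880 4.2.1)
            tag, size = (ctb >> 2) & 0x0F, (1, 2, 4)[ctb & 3]  # length type 3 (indeterminate) unsupported
            length, i = int.from_bytes(data[i + 1:i + 1 + size], "big"), i + 1 + size
        yield tag, data[i:i + length]
        i += length

def describe_protection(body):
    """Decode the S2K usage octet of a v4 Secret-Key / Secret-Subkey packet body (RFC 4880 5.5.3)."""
    assert body[0] == 4, "only v4 key packets are handled"
    pos = 6                                              # past version, creation time, algorithm id
    for _ in range(PUBLIC_MPIS[body[5]]):                # skip the public MPIs (2-octet bit length + value)
        pos += 2 + (struct.unpack(">H", body[pos:pos + 2])[0] + 7) // 8
    usage = body[pos]
    if usage == 0:                                       # private MPIs stored in the clear
        return {"protected": False}
    if usage in (254, 255):                              # cipher id and S2K specifier follow
        cipher, s2k_type, hash_id = body[pos + 1], body[pos + 2], body[pos + 3]
        info = {"protected": True, "cipher": cipher, "s2k": S2K_TYPES.get(s2k_type, s2k_type), "hash": hash_id}
        if s2k_type == 3:                                # 8-octet salt, then the coded count octet
            coded = body[pos + 12]
            info["iterations"] = (16 + (coded & 15)) << ((coded >> 4) + 6)
        return info
    return {"protected": True, "cipher": usage, "s2k": "legacy simple MD5", "hash": 1}

def audit_keyring(data):                                 # every Secret-Key (tag 5) and Secret-Subkey (tag 7)
    return [(tag, describe_protection(body)) for tag, body in iter_packets(data) if tag in (5, 7)]

def build_sample_packet(protected, tag=5):
    """Constructed fixture: a v4 RSA secret key packet with dummy MPIs (not a real key)."""
    pub = b"\x04\x00\x00\x00\x00\x01" + b"\x00\x08\xab" + b"\x00\x01\x01"   # header, n=0xab, e=1
    if protected:   # usage 254, AES-256 (9), iterated+salted (3), SHA-256 (8), zero salt, count 0xff
        secret = b"\xfe\x09\x03\x08" + b"\x00" * 8 + b"\xff" + b"\x00" * 36     # IV + opaque ciphertext
    else:           # usage 0, then d, p, q, u as dummy MPIs and the 2-octet checksum
        secret = b"\x00" + b"\x00\x01\x01" * 4 + b"\x00\x00"
    return bytes([0x80 | (tag << 2), len(pub) + len(secret)]) + pub + secret  # old-format header
```

A usage 0 result means the file itself is the secret, with no passphrase standing between a copied keyring and the key; the iteration count shows how much work each passphrase guess costs.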