private key protection

Robert J. Hansen rjh at
Tue Oct 18 15:05:23 CEST 2011

On 10/18/2011 8:36 AM, Jerome Baum wrote:
> Have you looked at my original statement?


> I recall making the distinction between a key* and a key-ring/-file,
> not between a key-ring and a key-file.

A distinction that has been lost on apparently everyone here.  Please
use accepted terminology.

> IIRC "nowadays" is store a separate file per key?

No, it's still a single file ("pubring.gpg", for instance, is the public
keyring).  I just can't promise that it's still a raw stream of RFC4880

> If you look at the original context you'll see that my statement
> wasn't so trivial.

I have been: your statement is trivial.

> The OP asked "how can I prevent people from stealing my key*?" and
> one person answered "it's not a problem if people steal your key*,
> because it's passphrase-protected."

Assuming the passphrase is of high quality, that answer is *absolutely

> In this context it might be a good idea to mention that stealing
> your actual key* from memory _is_ a problem, while stealing your 
> key-file/-ring/-whatever is truly not so big a problem if your 
> passphrase holds up.

If the attacker already has read-wherever access to memory, the attacker
can do orders of magnitude worse than steal private key material.
You're saying here, "if you assume the computer is already in a
game-over condition, then it's game-over."  Which is true, but it's also
pretty close to the canonical example of trivial.

More information about the Gnupg-users mailing list