A password, a passphrase, how about a passfile?

antispam06 at sent.at antispam06 at sent.at
Wed Aug 29 11:49:06 CEST 2012


I felt offended by my own email: What is stopping PKI from growing. So
I come with a question: some security apps like TrueCrypt and KeePass
allow the user to use a keyfile instead of a password.

Now, given a file filled with values 0 to 255 as random as they
possibly can get, a keyfile is the ideal key. Only that can be mistaken
by the bad guys as encrypted data. So, thanks to the guys with the
deniabily feature enabled in their cryptography apps, one risks to get
a few nails pulled at best. Or it can turn back home in more plastic
bags he or she can count. I'm thinking, as a lay person, how would a
simple, regular, obvious file fare as a keyfile?

Would a 6Mb wav fit the bill? Would a 3.5Mb compressed flac file do any
better? Would a 125Kb jpeg of a grandmother be better or worse? Would a
rather random 60Kb quote from the Shakespeare, the Bible or the Koran
in ASCII or UTF-8 be better than my 26 hard to guess password? How
about a 2Kb useless, pointless pdf? Or it's 3Kb standard, plain zip?

Cheers!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20120829/e326756f/attachment.htm>


More information about the Gnupg-users mailing list