GnuPG encryption with key file

vedaal at vedaal at
Thu Mar 27 17:34:05 CET 2014

On Thursday, March 27, 2014 at 11:56 AM, "Peter Lebbing" <peter at> wrote:

>These issues wouldn't exist if GnuPG actually *supported* key 
>and would prompt for the key file as it does for a passphrase. 


>> it's not really using the binary file as a key, but rather as a 
>> passphrase


>the attacker thinks "let's try all files, that's computationally 


Even Truecrypt, which does use keyfiles, doesn't do it this way.

Truecrypt uses only the first 1mb of a keyfile, no matter how large the file is,
and uses it to perform a cryptographic function on the passphrase, with that result
then being used to to produce a header key for the encrypted volume.

The suggestions on how to use a keyfile for gnupg, are just using the file as the passphrase.
It doesn't really add to the complexity against an attack, and may make it more vulnerable to an attack as pointed out above.

If you want a simple way to generate a passphrase of maximum complexity for GnuPG,
there is a very easy way to do it;

[1] Encrypt a file to one of your private keys.
[2] Decrypt the file using the option of '--show-session-key'
[3] Use the 64 character session key as the passphrase for whatever you want to symmetrically encrypt with GnuPG.
[4] Sore the encrypted file in [1] in a safe place.

It is as difficult to brute force passphrase as it would be to brute force the GnuPG encrypted message session key itself.

Much as I like different crypto options, I don't think it would really improve GnuPG to have a keyfile option.


More information about the Gnupg-users mailing list