On composing scrypt and openpgp s2k key stretching for symmetric encryption

Brian Gitonga Marete marete at toshnix.com
Thu May 22 15:46:03 CEST 2014

Hello all!

What would be the security effect of generating a 32 byte key from a
passphrase using scrypt and then using that as a "passphrase" for openpgp's
symmetric encryption (this 32 byte key will of course then be acted upon by
openpgp's s2k algorithm). Specifically, can one expect that this will make
brute-forcing a symmetric passphrase (theoretically or practically) harder?
(Given the same strong passhrase).

Please note that I am asking this from an application point of view and not
calling for the inclusion of scrypt into the openpgp standard.


Brian Gitonga Marete,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140522/f595ae27/attachment.html>

More information about the Gnupg-users mailing list