Backup of encrypted private key on uncontrolled disks

Shea Levy shea at shealevy.com
Thu Nov 20 17:54:38 CET 2014


Hmm, I’m having a hard time imagining how someone could get me to divulge the passphrase if they couldn’t also get me to hand over the key backups I own. Of course, my imagination is not the limit here, so is there something I’m missing?

Thanks,
Shea

> On Nov 20, 2014, at 11:27 AM, Robert J. Hansen <rjh at sixdemonbag.org> wrote:
> 
>> My private key is encrypted with a very strong passphrase (10 word
>> diceware [1], not written down, 129 bits of entropy). Given that, is it
>> safe to back it up on disks I don't control, such as a private S3 bucket
>> or a VPS? My intuition says yes, but I've learned to never trust my
>> intuition when it comes to security.
> 
> If you are completely confident that no one will ever get your passphrase from you, this is safe.  Otherwise, it's not.
> 
> It may be appropriate to have a little caution with respect to whether you believe anyone will ever get your passphrase from you.
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users




More information about the Gnupg-users mailing list