Procedure of deriving a pruivate key from the password
c.kremsmayr at gmx.net
Mon Apr 4 13:07:26 CEST 2016
I only have a vague and incomplete understandig of the procedure in
which GnuPG derives a private key from a password.
As far as I know each private key is stored in the private keyring by a
The generation of the private key is as following:
1. The user creates a password.
2. GnuPG adds an accidential bit sequence (= salt) to the password. The
bit sequence is stored seperatedly from the password.
3. Password and Salt (bit sequence) are concatenated.
4. This concatenation is hased by the hash function in use
Steps 2 to 4 builds up one iteration. I can control the number of
iterations by the option --s2k-count.
After the last iteration the resulting hash value is mangled. The result
of this mangling process ist the private key.
Question 1: What exactly is "mangling"?
Question 2: Did I get a correct understanding of the key derivation
process or am I wrong?
(Sry for my weird english.)
Best regards Christine
More information about the Gnupg-users