Procedure of deriving a pruivate key from the password
Christine Kremsmayr
c.kremsmayr at gmx.net
Mon Apr 4 13:07:26 CEST 2016
I only have a vague and incomplete understandig of the procedure in
which GnuPG derives a private key from a password.
As far as I know each private key is stored in the private keyring by a
string-to-key-function.
The generation of the private key is as following:
1. The user creates a password.
2. GnuPG adds an accidential bit sequence (= salt) to the password. The
bit sequence is stored seperatedly from the password.
3. Password and Salt (bit sequence) are concatenated.
4. This concatenation is hased by the hash function in use
(--s2k-digest-algo).
Steps 2 to 4 builds up one iteration. I can control the number of
iterations by the option --s2k-count.
After the last iteration the resulting hash value is mangled. The result
of this mangling process ist the private key.
Question 1: What exactly is "mangling"?
Question 2: Did I get a correct understanding of the key derivation
process or am I wrong?
(Sry for my weird english.)
Best regards Christine
More information about the Gnupg-users
mailing list