some beginner questions

Peter Lebbing peter at digitalbrains.com
Mon Apr 3 13:16:43 CEST 2017


On 03/04/17 08:25, Doug Barton wrote:
> That said, as long as you have a suitable passphrase your risk of key
> compromise is really, really minimal, even if they did get total control
> over your device. Barring coercion, the chances of someone guessing your
> passphrase are near zero. And currently that's the only way to gain
> access to a secret key, even if you have it in your possession.

I might misunderstand what you mean. But when somebody has full access
to your device, they can simply log your keystrokes when you type the
passphrase, and get your passphrase that way. Key compromise is very
well possible without you knowingly handing over the passphrase.

More generally, it is impossible to use GnuPG in a meaningful way on a
compromised device. I think this generally goes for pretty much all
cryptography. Different solutions limit compromise in different ways,
but to actually keep on using cryptography problem-free, I don't think
that will work.

HTH,

Peter.

-- 
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
