Protecting your private key - passphrase
Stefan Claas
stefanclaas at riseup.net
Mon Dec 14 14:05:47 CET 2020
On 2020-12-14 12:26, Robert J. Hansen via Gnupg-users wrote:
>> People who have difficulties to create a long passphrase and
>> remembering those, when using differrent ones for different use cases.
>
> Then why aren't you using PBKDF2 or Argon2?
>
> If you're writing a key derivation app -- use a key derivation function.
>
>> Had I used PBKDF2 for my litle program people would have a key which
>> they need to store somewhere, while my program does not store keys,
>
> What are you talking about? Here's the signature for PBKDF2 in
> Golang's crypto library:
>
> func Key(password []byte,
> salt []byte,
> iterations int,
> keyLength int,
> hashFunction func() hash.Hash) []byte
>
> If you need to generate the same key again later, just feed in the
> same inputs. You have nothing to keep track of so long as you
> remember the passphrase.
I said that my program does *not* store any *keys* and the *required*
parameters (which can be set manually and individually, in order
to use the same passphrase again) ...
Regards
Stefan
More information about the Gnupg-users
mailing list