Traveling without a secret key (was: As a fan of GnuPG ... )

Philihp Busby philihp at gmail.com
Tue Jul 7 23:36:17 CEST 2020 

Regenerating your secret key like this is perhaps dangerous and easy to do wrong, for example you will probably leak it in your shell's history. If an attacker finds out this is your scheme, they can then start to brute force your secret key without need any access to your data, which happened with Brainflayer[1].

Since your secret key is stored symmetrically-encrypted with a passphrase, it's not game over if it gets leaked (e.g. border control). It is a concern that you could have leaked without knowing, and your passphrase could _eventually_ being cracked; better would be to put it on a smart-card like an Yubikey, which will only give Mallory a couple chances to guess before the tape self-destructs.

[1] https://www.wired.com/2015/07/brainflayer-password-cracker-steals-bitcoins-brain/

On 2020-07-07T22:42:07+0200 Stefan Claas <sac at 300baud.de> wrote 1.9K bytes:

> Stefan Claas wrote:
>  
> > ... you should try this out in your terminal and look at the beginning
> > of the output:
> > 
> > $ echo 1fccaf3d | xxd -r -p | openssl dgst -sha256 -binary | openssl enc
> > -base64
> 
> I thought about this technique a bit for easy to remember passwords, which
> can be converted to strong passwords.
> 
> Let's say you travel a lot and do not want to risk that your secret key
> gets compromised due to border control etc.
> 
> One simply uses the program passphrase2pgp, from GitHub[1] and when creating
> the key and the passphrase is needed, one simply issues:
> 
> echo -n 'simple password' | openssl dgst -sha256 -binary | base91 or base64
> and then one gets a string with an entropy of over 200, which is more than
> secure. This would one IMHO allow to have a strong passphrase but generated
> with an easy to remember password.
> 
> Here's a little Go program, wich does this without the above commands,
> so that it can be used on Windows without OpenSSL:
> 
> package main
> 
> import (
> 	"crypto/sha256"
> 	"bufio"
>         "os"
> 	"fmt"
> 	"encoding/base64"
> 
>         "ekyu.moe/base91"
> )
> 
> func main(){
>     scanner := bufio.NewScanner(os.Stdin)
>     scanner.Scan() // use `for scanner.Scan()` to keep reading
>     src := scanner.Text()
>     hash := sha256.Sum256([]byte(src))
>     fmt.Println(base91.EncodeToString([]byte(hash[:])))
>     fmt.Println(base64.StdEncoding.EncodeToString(hash[:]))
> }
> 
> One simply starts the program and then types the easy to
> remember password and presses enter and the program returns
> a base91 and base64 string to choose from.
> 
> And with passhprase2pgp one needs always to remember the
> Unix Expoch Time, for key creation, so that always the
> same secret key will be generated.
> 
> [1] https://github.com/skeeto/passphrase2pgp
> 
> Regards
> Stefan
> 
> -- 
> my 'hidden' service gopherhole:
> gopher://iria2xobffovwr6h.onion
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200707/10b920cb/attachment-0001.sig>

More information about the Gnupg-users mailing list