Backup of Keys

Felix Finch felix at crowfix.com
Sun May 24 19:38:25 CEST 2020


On 20200524, Peter Lebbing wrote:
>Hi,
>
>On 24/05/2020 16:05, Felix Finch wrote:
>> Out of curiosity ... how safe are these files as is, assuming the
>> private key file has a good strong passphrase?
>
>The safety of the private key purely depends on the strength of the
>passphrase. Note that backups will have the passphrase that was set when
>the backup was _made_. Changing the passphrase on your computer will not
>change the passphrase in any older backups.
>
>But there is more data in your GnuPG homedir that is not encrypted but
>is privacy-sensitive. If you ever assign someone ownertrust, that will
>be reflected there. It indicates how much you trust people to correctly
>verify other people's identities and how well you trust them to keep
>their private key private. Your brother-in-law might be offended by you
>assigning him "NEVER TRUST", and your partner might not appreciate you
>apparently having somewhat recently assigned positive trust to that ex
>you swore you never saw anymore.
>
>And then there is the history data for TOFU, which exposes some data
>about when you verified signatures by other people or when you encrypted
>something to someone. This data is there to help you analyse
>trustworthiness about the third party in question when so prompted, but
>it is also communication metadata about you.
>
>These pieces of data might not exist for your particular configuration,
>but they can exist.
>
>> How hard is it to crack a good passphrase?
>
>I think the definition of a good passphrase is that it is infeasible to
>crack it. That makes it circular reasoning.
>
>A well-executed "Correct Horse Battery Staple" passphrase or a long
>enough diceware passphrase cannot be cracked. The problem is determining
>whether you did it right or are misunderstanding some vital detail of
>creating a good passphrase.
>
>For instance, actually choosing "Correct Horse Battery Staple" is about
>the worst thing you can do... :-)

Yes, it does.  My passphrase is about ten words which only make sense to me, not even to people who know me, are not grammatically correct, etc.

-- 
            ... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._.
     Felix Finch: scarecrow repairman & wood chipper / felix at crowfix.com
  GPG = E987 4493 C860 246C 3B1E  6477 7838 76E9 182E 8151 ITAR license #4933
I've found a solution to Fermat's Last Theorem but I see I've run out of room o
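To put numbers on "long enough" in the diceware remark above, here is an added worked example (not code from this thread, from GnuPG, or from either poster). It computes the entropy of an N-word passphrase drawn from a list of a given size, the expected time to exhaust that keyspace at an assumed guess rate, and flags the one phrase everybody already knows. The wordlist, the guess rates and the assumed list sizes are constructed assumptions for the demo; a real diceware list has 7776 entries.

```python
"""Added example: quantify the strength of a diceware-style passphrase that
protects an exported GnuPG secret key.  Not from the thread or from GnuPG.
The sample wordlist and the guess rates below are constructed assumptions."""
import math
import secrets

# Constructed stand-in wordlist for the runnable demo.  A real diceware
# list has 6**5 = 7776 words (one word per five dice rolls); EFF's long
# list is the same size.  The XKCD comic assumes roughly 2048 words.
SAMPLE_WORDLIST = ["anvil", "bishop", "cobalt", "dune",
                   "ember", "falcon", "glacier", "harbor"]
DICEWARE_LIST_SIZE = 7776
XKCD_LIST_SIZE = 2048

# The thread's point: choosing the canonical phrase literally is the worst
# option, because it is in every cracking dictionary.  Normalised lookup set.
KNOWN_PHRASES = {"correct horse battery staple"}


def entropy_bits(n_words: int, list_size: int) -> float:
    """Entropy of n_words chosen uniformly and independently from a list of
    list_size words.  Only holds if the words were really chosen at random
    (dice or a CSPRNG), not picked by hand."""
    return n_words * math.log2(list_size)


def generate(n_words: int, wordlist=SAMPLE_WORDLIST) -> str:
    """Generate a passphrase with the CSPRNG-backed secrets module.  With the
    tiny sample list this is only a demo of the method; use a 7776-word list
    for a real passphrase."""
    return " ".join(secrets.choice(wordlist) for _ in range(n_words))


def expected_crack_years(bits: float, guesses_per_second: float) -> float:
    """Expected time to find the passphrase by brute force: on average half
    the keyspace must be searched.  GnuPG's salted, iterated S2K key
    derivation makes each guess cost real CPU time, but the guess rate is an
    attacker-hardware assumption, so pass a pessimistic value."""
    return 2 ** (bits - 1) / guesses_per_second / (365.25 * 86400)


def is_known_phrase(passphrase: str) -> bool:
    """True if the passphrase is a well-known example phrase (whitespace and
    case are normalised before the lookup)."""
    return " ".join(passphrase.lower().split()) in KNOWN_PHRASES


def report(n_words: int, list_size: int, guesses_per_second: float) -> dict:
    """Summarise strength for a passphrase of n_words from list_size words."""
    bits = entropy_bits(n_words, list_size)
    return {
        "words": n_words,
        "list_size": list_size,
        "bits": bits,
        "expected_crack_years": expected_crack_years(bits, guesses_per_second),
    }


if __name__ == "__main__":
    # Assumed attacker rate: 1e10 guesses/s is generous to the attacker for a
    # KDF-protected key, chosen here to make the comparison pessimistic.
    RATE = 1e10
    for words, size in ((4, XKCD_LIST_SIZE), (6, DICEWARE_LIST_SIZE),
                        (10, DICEWARE_LIST_SIZE)):
        r = report(words, size, RATE)
        print(f"{r['words']:2d} words / {r['list_size']} list: "
              f"{r['bits']:6.1f} bits, ~{r['expected_crack_years']:.3g} years")
    print("demo passphrase:", generate(6))
    print("known phrase?", is_known_phrase("Correct Horse Battery Staple"))
```

The four-word XKCD phrase (about 44 bits) falls in minutes at the assumed rate; six diceware words (about 78 bits) already push past a human lifetime, and ten words (about 129 bits) are out of reach regardless of hardware. None of this helps if the words were chosen by hand rather than by dice or the CSPRNG, which is exactly the "did you do it right" caveat in the reply above.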



More information about the Gnupg-users mailing list