Who protects the private key (was: Changing the encryption algorithm used for PGP/GPG private key)

Daniel Colquitt hello at danielcolquitt.com
Sat Feb 19 17:02:14 CET 2022


> On 19 Feb 2022, at 14:52, Werner Koch <wk at gnupg.org> wrote:
> 
> gpg does not encrypt private keys.  This is done by gpg-agent.  The
> method how the keys are protected internally are out of scope for
> OpenPGP.  See gnupg/agent/keyformat.txt for the specification of the
> internal format.

Apologies for conflating gpg and gpg-agent. I also appreciate that the protection of keys is not part of the OpenPGP specification. 

> However, for allowing gpg to export a private key in the OpenPGP
> specified format, gpg-agent applies the encryption.  For this S2K mode 3
> with AES128 and SHA1 is used. 

Whilst AES128 is probably okay for now, SHA1 has been broken for well over 15 years. Hence, my question about specifying alternative algorithms for the internal storage and exporting of private keys.

I now understand that it is not possible for the user to alter the encryption algorithm used by gpg-agent to secure private keys. Perhaps it would be a good idea to say this explicitly in a documentation? I appreciate that the manual does not say explicitly that this is possible, it certainly gives that impression.

Anyway, thank you for your help.

Dan


More information about the Gnupg-users mailing list