Backing up your PGP key by hand

Sven Richter sven.r.richter at protonmail.ch
Sun May 8 18:24:24 CEST 2022


> And by reading them, they have powered up and refreshed the charge. The
> problem applies to such flash storage devices which have been left
> unpowered for longer periods of time. Again, it depends a bit on what
> the planned retention period is for the keys and their data.

A few months ago I rediscovered an old USB stick, whose existence I'd completely forgotten.
Had not touched that thing in around eight or nine years. Despite that it read just fine.
And we're not talking about some high quality premium device here. Named well known brand yes, but a cheap model.
I highly doubt the "flash can only store for a few months". In my personal experience flash can survive for many years.
Sure, sometimes new drives and cards can fail really quickly, but the same can be said about other media like HDDs too. If it survives the first couple months (or even weeks) then it will most likely last for years.

I still remember buying some first generation consumer SSDs back in 2010. Back then everybody was wary, saying the tech is too new and flash doesn't life long enough.
Used some of those drives in computers that run 24/7 and the last of them was replaced when it showed signs of dying about year ago (early 2021).
I'd say eleven years was a decent lifespan. ;)

In my opinion the longevity of flash, no matter the format, is greatly underestimated. Plus a real advantage I noticed is that many drives don't die suddenly like HDDs tend to do, instead they often die slowly giving you time to replace them.
As such I wouldn't mind at all storing my keys on a flash drive.
Also, if you have valuable data you should always store it on at least two devices that are physically separated anyway. So if one fails it shouldn't be a big deal.

(With all of that being said, I'd still be in favor of an easy way to store on paper.)

Greetings
Sven



------- Original Message -------
On Thursday, May 5th, 2022 at 7:44 AM, Lars Noodén via Gnupg-users <gnupg-users at gnupg.org> wrote:


> On 5/5/22 01:11, Jacob Bachmeyer wrote:
>
> > Lars Noodén via Gnupg-users wrote:
>
> > > A removable hard drive might be an option, if the storage time
>
> > > is less than a decade and there are decent storage conditions
>
> > > in regards to chemicals, temperature, humidity, and so on. Flash
>
> > > memory seems to lose
>
> > > its charge rather quickly, measured in months.
>
> > Write-once optical media is my preferred means of long-term backup for
>
> > nontrivial amounts of data,
>
> [snip]
>
> The number of years that the keys and the data they apply to will be
> stored unpowered, offline will influence which storage medium is
> acceptable for the task.
>
> Old CD-R were short-lived garage from my experience, but certain models
> of recently made CD-R should last a while even under slightly
> non-optimal storage conditions before they start flipping bits.
> However, it's hard to know until it's too late. And all bets are off
> for bad storage condistions. Now that the quality has improved, under
> optimal storage conditions, they ought to retain data for decades:
>
> https://www.canada.ca/en/conservation-institute/services/conservation-preservation-publications/canadian-conservation-institute-notes/longevity-recordable-cds-dvds.html
>
> https://www.loc.gov/preservation/resources/rt/NIST_LC_OpticalDiscLongevity.pdf
>
> Whether that bit flip hits anything important is another matter, but
> they do add up over time and with enough of them they will eventually
> hit something, worse if it hit something compressed. I'm sure BtrFS or
> OpenZFS might be relevant there.
>
> Air pollution, temperature, light, and humidity are some of the factors
> affecting the lifespan of the physical storage medium.
>
> > I have SD cards and USB sticks with data blocks last written
>
> > many years ago and still readable. Granted, I have never used
>
> > low-end no-name
>
> [snip]
>
> And by reading them, they have powered up and refreshed the charge. The
> problem applies to such flash storage devices which have been left
> unpowered for longer periods of time. Again, it depends a bit on what
> the planned retention period is for the keys and their data.
>
> /Lars
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> https://lists.gnupg.org/mailman/listinfo/gnupg-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: publickey - sven.r.richter at protonmail.ch - 0x141E8192.asc
Type: application/pgp-keys
Size: 1159 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220508/5e9400ae/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220508/5e9400ae/attachment.sig>


More information about the Gnupg-users mailing list