[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Physical storage of key is the weakest link
[email protected] tells us:
>Much more likely:
>
>* Diskettes left lying around. Secret keys on home computers.
>
>* Incompletely erased files. (Norton Utilities can recover erased
>files; mil-grade multiple-pass erasure may be needed.)
>
>
>A simple search warrant executed on your premises will usually crack
>open all your crypto secrets. (Fixes to this are left as an exercise.)
>
>Where to store one's secret key is an issue that makes academic the
>issue of whether one's key can be compelled. A diskette stored at
>one's home, in one's briefcase, etc., can be gotten. A pendant or
>dongle or whatever that stores the key can also be gotten. The
>passphrase (8-12 characters, typically) is secure, but not the key.
>
>--Tim May
If your passphrase is good (128+ bits of entropy), then your private key is
as secure as the messages that you send. Although it need be broaken only
once, I see no real danger of IDEA being compromised in the near future.
Given a good passphrase, I would suggest that you want multiple coppies of
your key to prevent loss or accidental destruction. My passphrase is > 30
characters. Fortunately Mac PGP remembers the key during any given session
so typing is kept down a bit.
--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
[email protected]
PGP 2.3 key available by finger or server.
"Love is a snowmobile racing across the tundra. Suddenly
it flips over, pinning you underneath. At night the ice
weasels come."
--Nietzsche