[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FW: Physical storage of key is the weakest link



-----BEGIN PGP SIGNED MESSAGE-----

[email protected] writes:
><< some suggestion to keep keys secure on floppy>>
>
><<Lance Cottrel writes:
>If your passphrase is good (128+ bits of entropy), then your private key is
>as secure as the messages that you send. Although it need be broken only
>once, I see no real danger of IDEA being compromised in the near future.
>Given a good passphrase, I would suggest that you want multiple copies of
>your key to prevent loss or accidental destruction. My passphrase is > 30
>characters. Fortunately Mac PGP remembers the key during any given session
>so typing is kept down a bit.
>>>
>
>If you are really paranoid, keeping your private keys super secure is a good 
>idea.  If a bad guy were come and steal them all she needs to do find out 
>your passphrase (using all kinds of attacks.... camera over your desk....) 
>and bingo, they can read all past and future message traffic to you...

There are two things to be paranoid about. One is that other people could
get access to your information. The other is that you might loose access to
your information and the ability to autheniticate yourself.

My personal comfort level is currently: having a few coppies of the secret
key which I keep physical control over,  only using PGP on my personal
computer, and protecting it with a very inconvinient passphrase. Should I
also mention that I keep the key, PGP, and all my other crypto stuff on an
encrypted partition?

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLhz1+FVkk3dax7hlAQGNlgP9EYV7YWcLCeoNqGYJjZ46KcCglhB3zcpC
mu/e1Jr26GPDyKNQySEvVuGNAKKQs0Ep9K1HIUmTt5jaalMh+SE4eeNwfuTV3RtT
bsy32E0n7AwTMgOLNeA1jhkBFTxpCnT0lSTO/oKQecnukkkgtxlcl+7gzrs1yhn8
R+V4bZoukCc=
=W255
-----END PGP SIGNATURE-----

--------------------------------------------------
Lance Cottrell  who does not speak for CASS/UCSD
[email protected]
PGP 2.3 key available by finger or server.

"Love is a snowmobile racing across the tundra.  Suddenly
it flips over, pinning you underneath.  At night the ice
weasels come."
                        --Nietzsche