[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Physical storage of key is the weakest link

To: [email protected] (Timothy C. May)
Subject: Re: Physical storage of key is the weakest link
From: Andrew Purshottam <[email protected]>
Date: Fri, 01 Jul 1994 13:57:32 -0700
Cc: [email protected]
In-Reply-To: Your message of "Fri, 01 Jul 1994 13:37:07 PDT." <[email protected]>
Sender: [email protected]

Excuse my ignorance of PGP, I am fairly new to using it, and thinking about
its operation and source code. Is not your secret key stored encoded by
the pass phrase, so that if the pass phrase is in your head, the secret
key on disk is useless to an attacker? Of course, while PGP is running,
after you have entered the pass phrase, the secret key is available within 
your machine, and could be stolen, and if your OS leaves pagefiles etc
arounnd, might even be taken after you shut down PGP.

Or am I missing something? Thanks, Andy

Follow-Ups:
- Re: Physical storage of key is the weakest link
  - From: [email protected] (Timothy C. May)

References:
- Physical storage of key is the weakest link
  - From: [email protected] (Timothy C. May)

Prev by Date: Physical storage of key is the weakest link
Next by Date: RE: Illegal Acts & Crypto
Prev by thread: Physical storage of key is the weakest link
Next by thread: Re: Physical storage of key is the weakest link
Index(es):
- Date
- Thread