Hi! Chris Poole schrieb: > How secure is it to use my own public key as the encryption method > (rather than symmetric), given that the password file is stored on the > same drive as my public and private keys? The simple answer is: It doesn't matter, both methods are equally secure (with the security determined primarily by the strength of your passphrase).
The asymmetric approach could have its advantages, because I can imagine some scenarios where an attacker might obtain the encrypted data and the passphrase but would be unable to get access to the secret key file (e.g., because it is not a file but rather in a smartcard or because the private key is on offline media at the time of compromise of the data). Not having the private key leaves an attacker with the requirement to either brute-force the symmetric session key or crack the public key to obtain the secret key. Both things are supposed to be infeasible given GnuPG's algorithms/keylengths and the current state of cryptanalysis. However, there is the risk that a cryptanalytical advancement would allow easy breaking of asymmetric keys which could enable an attacker to fully bypass your passphrase by cracking the public key (thereby getting the private key and thereby decrypting the data). IMHO, this risk is negligible and if it happens anyway, people would probably have nastier things to do than cracking specifically *your* key (e.g. forging SSL certificates of banks etc)... On the other hand, asymmetric has one disadvantage: The private key file is something that must be stored as safe as the encrypted data. (I mean backups etc.) No matter whether you know the passphrase, if the private key file is deleted, you won't get your data back! As a sidenote: Is it possible to find out a public key just from looking at data encrypted to that public key?(Assume the key is not on a keyserver, of course.) If the public key could also be hidden from an attacker (e.g. the attacker has just the encrypted data file and the passphrase), it would leave brute-forcing of the symmetric algorithm as the only attack option... Plausible scenarios for this are more difficult to imagine, though. cu, Sven PS: IMHO there are more usable ways of managing one's passwords than storing them in a GnuPG file (although much can be accomplished by wrapping access to that file through a number of shell scripts, I assume). _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
