On Thursday, March 27, 2014 at 11:56 AM, "Peter Lebbing" <pe...@digitalbrains.com> wrote:
>These issues wouldn't exist if GnuPG actually *supported* key files,
>and would prompt for the key file as it does for a passphrase.
.....
>> it's not really using the binary file as a key, but rather as a
>> passphrase
.....
>the attacker thinks "let's try all files, that's computationally feasible".

=====

Even Truecrypt, which does use keyfiles, doesn't do it this way.

Truecrypt uses only the first 1mb of a keyfile, no matter how large the file is, and uses it to perform a cryptographic function on the passphrase, with that result then being used to produce a header key for the encrypted volume.

http://www.truecrypt.org/docs/keyfiles-technical-details

The suggestions on how to use a keyfile for gnupg are just using the file as the passphrase. It doesn't really add to the complexity against an attack, and may make it more vulnerable to an attack as pointed out above.

If you want a simple way to generate a passphrase of maximum complexity for GnuPG, there is a very easy way to do it:

[1] Encrypt a file to one of your private keys.
[2] Decrypt the file using the option of '--show-session-key'
[3] Use the 64 character session key as the passphrase for whatever you want to symmetrically encrypt with GnuPG.
[4] Store the encrypted file in [1] in a safe place.

It is as difficult to brute force the passphrase as it would be to brute force the GnuPG encrypted message session key itself.

Much as I like different crypto options, I don't think it would really improve GnuPG to have a keyfile option.

vedaal
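Steps [1] to [4] of the message above as shell functions; this is an added example, not part of the original message. It assumes GnuPG 2.1 or later (for `--pinentry-mode loopback`), and the function names and file arguments are made up for illustration.

```bash
# Added example. Function names, file names and the key ID are placeholders
# supplied by the caller; nothing runs until a function is called.

# Pull the hex part out of gpg's session-key line, which has the form
#   gpg: session key: '9:<hex>'        (9 is the algorithm number for AES256)
# The "." before the algorithm number matches any opening quote character.
extract_session_key() {
    sed -n "s/^gpg: session key: .[0-9]*:\([0-9A-Fa-f]*\).*/\1/p" | head -n 1
}

# Steps [1] and [2]: encrypt a throwaway file to your own key, decrypt it with
# --show-session-key, and print the hex session key on stdout.
# $1 = your key ID, $2 = where to write the encrypted file kept for step [4].
make_session_passphrase() {
    head -c 32 /dev/urandom |
        gpg --encrypt --recipient "$1" --output "$2" || return 1
    # LC_ALL=C keeps gpg's message untranslated so the pattern matches.
    # stderr goes to the pipe; the decrypted plaintext is discarded.
    key=$(LC_ALL=C gpg --show-session-key --decrypt "$2" 2>&1 >/dev/null |
        extract_session_key)
    # 64 hex characters is a 256-bit key. A 128-bit cipher preference would
    # yield only 32 characters, so refuse anything else.
    if [ "${#key}" -ne 64 ]; then
        echo "expected a 64-character session key, got ${#key}" >&2
        return 1
    fi
    printf '%s\n' "$key"
}

# Step [3]: use the session key as the passphrase for symmetric encryption.
# The passphrase is fed on stdin so it does not appear in gpg's arguments.
# $1 = passphrase, $2 = file to encrypt (output is "$2.gpg").
symmetric_encrypt() {
    printf '%s\n' "$1" |
        gpg --batch --pinentry-mode loopback --passphrase-fd 0 \
            --symmetric --cipher-algo AES256 --output "$2.gpg" "$2"
}

# Step [4] in reverse: recover the passphrase later from the stored file.
recover_session_passphrase() {
    LC_ALL=C gpg --show-session-key --decrypt "$1" 2>&1 >/dev/null |
        extract_session_key
}
```

Typical use is `pw=$(make_session_passphrase <your-key-id> seed.gpg) && symmetric_encrypt "$pw" archive.tar`, with `seed.gpg` being the file to store safely.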