Hello all!

What would be the security effect of generating a 32 byte key from a
passphrase using scrypt and then using that as a "passphrase" for openpgp's
symmetric encryption (this 32 byte key will of course then be acted upon by
openpgp's s2k algorithm). Specifically, can one expect that this will make
brute-forcing a symmetric passphrase (theoretically or practically) harder?
(Given the same strong passhrase).

Please note that I am asking this from an application point of view and not
calling for the inclusion of scrypt into the openpgp standard.

Thanks!

Brian Gitonga Marete,
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to