On Thu, 27 Jan 2022 08:25, Teemu Likonen said:

> outside your normal computers I suggest using the export format: "gpg
> --export-secret-keys".

Note that there is an attack on the private key export format.  Thus my
recommendation not to rely on this unless you can make sure that the
exported keys in the backup have not been modified.  The problem here is
that the public parts of the encrypted private parts are not
authenticated and by modifying the public parts and tricking the user to
import such a modified backup, information about the secret key can be
revealed.

GnuPG's internal format to store the private key is not affected by this
problem because the public parameters are authenticated.


Salam-Shalom,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to