Is it possible to publicly leave a PGP secret key password protected?

Question

Is it possible to publicly leave a PGP secret key password protected?

My PGP private keys are always password protected, which means you need to decrypt it using a symmetric key in order to access my private key.

I am interested in making the PGP secret key protected by a password publicly available, but I'm not quite sure if something is missing. Storing my secret key on my computer only seems to make things harder (security through obfuscation), but actually does nothing good.

given that I can password protect my private key with 256-bit AES http://en.wikipedia.org/wiki/Key_size#Symmetric_algorithm_key_lengths

and that there is a theoretical limit to the energy needed to crack a 2 ^ n password using brute force http://en.wikipedia.org/wiki/Brute_force_attack#Theoretical_limits

What am I missing?

+3

cryptography key pki pgp

Sam goto 21 sept '10 at 4:33

source share

5 answers

jdehaan · Answer 1 · 2010-09-21T04:36:30+0000

This greatly reduces your cryptographic strength, since brute force attacks to decrypt it can succeed in less time. Usually passwords do not have as many bits as the key itself. If your password does not exceed 20 characters, I would strongly advise against this. Short passwords can be cracked pretty quickly.

Lunatic Experimentalist · Answer 2 · 2010-09-22T04:39:31+0000

, , , , . .

, ! . . , , .

Martin Paljak · Answer 3 · 2010-09-21T05:58:11+0000

, , , , .

( ?)

MrEvil · Answer 4 · 2010-10-02T17:28:21+0000

, . , , , , , ... , , , .

crazyscot · Answer 5 · 2010-10-02T18:11:32+0000

, 256- , - PGP GPG - . , . , () USB-, , , USB- . , , USB- : , , . ...

Is it possible to publicly leave a PGP secret key password protected?

More articles: