On Thu, Oct 17, 2002 at 12:05:33AM -0700, Dale (as zippy) wrote:
> For my purpose, I have to assume that someone can hack into the machine storing the encrypted data, and also break into the machine storing the passphrase protected private key, because they are different users on my one and only machine. Only my passphrase is off-site.
> So let's assume the passphrase is 30 random digits.

And you keep that on a post-it note in your wallet? :-)

The problem with pass phrases is that the really strong ones (like 30 random digits) are impossible to remember. Memorizing pass phrases usually requires that they're based on words, sentences, etc, to which you may apply some obfuscation rules to add non-alphanumeric characters - like c00l d00d 3nc0d1ng. Dictionary attacks on pass phrases are definitely possible, and if the key is valuable, throwing lots of computing power at it may not be the issue.

Crypto issues aside, there's a very practical question. Which is, will you use the private key on a machine your potential adversary has access to? If you do, your biggest worry should be that s/he snoops on your tty input and copies your pass phrase as you type it.

In general, I think it's a bad idea to store your private key somewhere where you have reason to worry that it gets stolen by an attacker, or modified. I would recommend using a smart card in this case, because you can remove it if you don't need it, and the private key never leaves the card - all operations are performed on-card. So an attacker cannot copy your key to his private machine and try to decrypt it etc. In addition, if keyboard snooping is an issue, you can even use a card reader with a keypad, so that you can enter the PIN without involvement from the host OS.

Olaf
--
Olaf Kirch     |  Anyone who has had to work with X.509 has probably
okir@suse.de   |  experienced what can best be described as
---------------+  ISO water torture. -- Peter Gutmann