The relation of Passphrases to Private Keys


Aaron Hastings
May 29, 2012, 10:01:41 AM
to galwa...@googlegroups.com, 091labs-public
Hi all,

Posting once again to both lists as I figure this is of interest to either party. This is another one about encryption.

I'm curious about the relationship between a passphrase and a private key when it comes to GPG/PGP encryption. Does a passphrase affect a private key's eventual value when creating said key, or are the two completely separate? I know that, with GnuPG on Linux, the output asks the user to perform various tasks (disk I/O, mouse movements, etc.) to guarantee ultimate "randomness" during the generation process, but is the chosen passphrase also tied into the generation algorithm?

Further to that, when it comes to selecting a new passphrase down the road - is it better practice to delete the existing key and generate a new one with a different passphrase (after ensuring the existing key is no longer needed, of course), or to just edit the passphrase using: gpg --edit-key?

This whole field is new to me and it's evident that even the slightest slip of the mind or lapse of judgement can compromise your entire efforts.

Aaron