[Owasp-leaders] Is it ok to share the PGP Keys and keep the PassPhrase private?

Rogan Dawes rogan at dawes.za.net
Thu Oct 14 05:56:34 EDT 2010


On 2010/10/14 11:38 AM, dinis cruz wrote:
> Here is a question to the Crypto experts (which I'm not).
> 
> From a security point of view, is it ok if I publish both Public and
> Private PGP Keys but keep the PassPhrase secret?
> 
> My assumption is that: *"as long as the PassPhrase is strong enough, it
> would not be practical to brute force it (even if the attacker knows the
> Private Key)"*. In fact, should the question be: *"How big does the
> PassPhrase need to be in the 2010/2011 time frame for it to be secure?"*

Well, what size PGP keys are you generating? The passphrase should be
that big . . . :-)

Ok, non-flippant answer:

It seems to me that the answer depends on exactly what you are trying to
achieve. If you want to implement passphrase-based encryption, that uses
a standards-based protocol for compatibility reasons (e.g. excluding
encrypted ZIP archives), generating and distributing both private and
public parts is reasonable.

Of course, the security is then only as good as the passphrase is (but
that's still the same as if you were using passworded ZIP), so . . .

If you want top level security, then you should not be distributing the
private keys, unless the passphrase has a similar bitstrength/keylength
as the keys themselves. The user could always change the password to
something more usable once it has been received. I seem to recall
estimates of 3 bits per English word, fwiw.

Rogan
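The point Rogan makes (once the private key is public, the passphrase is the only secret, so it must carry as many bits as the key it protects) can be made concrete. The following is an added example, not code from the thread or from any PGP implementation. It implements the iterated+salted string-to-key function of RFC 4880 section 3.7.1.3 (which is how OpenPGP derives the key that wraps a private key), runs an offline dictionary attack against a weak two-word passphrase, measures this machine's guess rate, and works out how many words a passphrase needs to match RSA-2048/3072 using the NIST SP 800-57 equivalence table. Assumptions, labelled in the code: the wordlist and salt are constructed; the attacker checks a guess by comparing derived keys directly, where a real attacker would decrypt the secret-key packet and verify its checksum at about the same cost per guess; 3 bits per word is the thread's estimate for natural English, and 12.9 bits per word (log2 7776) is the Diceware figure for words chosen uniformly at random from a 7776-word list.

```python
"""Passphrase strength when the protected private key is public (added example).

Assumptions, labelled:
  * OpenPGP wraps a private key with a key derived by the iterated+salted
    S2K of RFC 4880 section 3.7.1.3; that algorithm is implemented here.
  * The RSA-to-symmetric equivalence table is the NIST SP 800-57 one.
  * The "attacker" checks a guess by comparing the derived key with the
    real one; a real attacker would decrypt the secret-key packet and
    verify its checksum, which costs about the same per guess.
"""
import hashlib
import math
import time

# NIST SP 800-57 Part 1: RSA modulus bits -> symmetric-equivalent bits.
RSA_TO_SYMMETRIC_BITS = {1024: 80, 2048: 112, 3072: 128, 7680: 192, 15360: 256}


def symmetric_strength(rsa_bits):
    """Symmetric-equivalent strength of an RSA key of the given size."""
    return RSA_TO_SYMMETRIC_BITS[rsa_bits]


def words_needed(target_bits, bits_per_word):
    """Words a passphrase needs to reach target_bits at bits_per_word each."""
    return math.ceil(target_bits / bits_per_word)


def decode_s2k_count(coded):
    """RFC 4880 3.7.1.3: one-octet coded count -> number of octets to hash."""
    return (16 + (coded & 15)) << ((coded >> 4) + 6)


def s2k_iterated_salted(passphrase, salt, coded_count=0x60, hash_name="sha256", key_len=32):
    """Iterated and salted S2K: hash (salt || passphrase) repeated up to `count` octets.

    Single hash context only, so key_len must not exceed the digest size
    (RFC 4880 chains extra zero-prefixed contexts for longer keys; not needed here).
    """
    data = salt + passphrase.encode("utf-8")
    count = max(decode_s2k_count(coded_count), len(data))  # never hash less than once
    h = hashlib.new(hash_name)
    if key_len > h.digest_size:
        raise ValueError("key_len exceeds digest size")
    remaining = count
    while remaining > 0:
        chunk = data[:remaining]  # last chunk is a prefix of data, per the RFC
        h.update(chunk)
        remaining -= len(chunk)
    return h.digest()[:key_len]


def guesses_per_second(coded_count, samples=20):
    """Measure this machine's single-threaded S2K rate (an attacker uses many cores/GPUs)."""
    salt = b"\x00" * 8
    t0 = time.perf_counter()
    for i in range(samples):
        s2k_iterated_salted(str(i), salt, coded_count)
    return samples / (time.perf_counter() - t0)


def expected_crack_seconds(entropy_bits, rate):
    """Average time to find a passphrase of entropy_bits at `rate` guesses/s (half the space)."""
    return (2 ** (entropy_bits - 1)) / rate


# Constructed demo wordlist; real attackers use dictionaries of millions of entries.
CONSTRUCTED_WORDLIST = ["correct", "horse", "battery", "staple", "owasp", "leader", "crypto", "pgp"]


def crack_two_word_passphrase(target_key, salt, coded_count, wordlist=CONSTRUCTED_WORDLIST):
    """Offline dictionary attack over 'word word' passphrases; returns (passphrase, guesses)."""
    guesses = 0
    for w1 in wordlist:
        for w2 in wordlist:
            guesses += 1
            candidate = f"{w1} {w2}"
            if s2k_iterated_salted(candidate, salt, coded_count) == target_key:
                return candidate, guesses
    return None, guesses


if __name__ == "__main__":
    salt = bytes(range(1, 9))  # constructed salt; GnuPG uses 8 random octets
    key = s2k_iterated_salted("battery staple", salt, 0x60)  # wrapping key of the "published" private key
    found, n = crack_two_word_passphrase(key, salt, 0x60)
    print(f"weak passphrase recovered: {found!r} after {n} guesses")

    rate = guesses_per_second(0x60)
    print(f"this machine: {rate:,.0f} S2K guesses/s at coded count 0x60")
    for rsa_bits in (2048, 3072):
        target = symmetric_strength(rsa_bits)
        print(f"RSA-{rsa_bits} ~ {target} bits: need {words_needed(target, 3.0)} words of English prose "
              f"(3 bits/word) or {words_needed(target, 12.9)} random Diceware words (12.9 bits/word)")
    print(f"four words of English prose (~12 bits): ~{expected_crack_seconds(12, rate):.2f} s on this machine")
```

Raising the S2K count (0xFF gives about 65 million octets hashed per guess) slows each guess but only adds a few bits of effective work; it does not substitute for passphrase entropy once the private key itself is in the attacker's hands.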

