7 Sep
2004
7 Sep
'04
7:15 a.m.
On Tue, 7 Sep 2004 13:24:39 +0800, Padraig MacIain said:
problem. However, does it offer a great risk for something like OpenPGP if the passphrase used to access the secretkey is partially
That depends on quality of the passphrase; it makes dictionary attacks easier.
compromised? And in turn if the passphrase is completely known yet the secret key is still secured (physically) does knowing this passphrase risk a complete compromise of the key pair?
No. The protection of the private key is is independent of the key. They are in no way related. The key is based on a random string and only the protection of this key is based on the passphrase. This protection only helps against a lost (but protected) private key. Salam-Shalom, Werner