The usefulness of PGP pass phrases
tcmay@netcom.com (Timothy C. May):
after you have entered the pass phrase, the secret key is available within your machine, and could be stolen, and if your OS leaves pagefiles etc around, might even be taken after you shut down PGP. Or am I missing something? Thanks, Andy
I haven't seen a formal analysis of the strength of PGP if the secret key is known but the passphrase is still secure, but from conventional crypto we would assume that the search space would be greatly reduced.
The secret key is _encrypted_ with the passphrase. Strength of PGP with a known secret keyFILE, not key, and unknown passphrase, is the strength of the cipher used to encrypt the secret key with. In this case, the strength of IDEA. Of course, your pass phrase is as susceptible to dictionary attack as your UNIX password, and it would be easier to decrypt a message by decrypting through such attacks or brute force your keyfile, than to factor large numbers to get at your session key.
You obviously can't do with just the pa

In short, these are reasons to keep your secret key secret. Your passphrase alone may be insufficient (else why not just dispense with the secret key and just have a passphrase?).
RSA would have a tough time using an 11 char English phrase as an exponent ;-)

To quote from the PGP manual:

  PGP also asks for a "pass phrase" to protect your secret key in case it falls into the wrong hands.
  Nobody can use your secret key file without this pass phrase.
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

ps. as Tim correctly said, Jains don't like killing living things. They are Jains, not Jainists (followers of some hypothetical Mr. Jain?); the word comes from the Sanskrit for 'to overcome'.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh             "Clean the air! clean the sky! wash the wind!
rishab@dxm.ernet.in             take stone from stone and wash them..."
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335        H 34C Saket, New Delhi 110017, INDIA
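
An added example, not part of the original message: it works through the point made above that a stolen secret key file is only as strong as the weaker of the cipher (128-bit IDEA) and the pass phrase protecting it. The single unsalted MD5 derivation, the word-list sizes and the iteration count are assumptions chosen for illustration, not details taken from the thread.

```python
import hashlib
import math

CIPHER_KEY_BITS = 128  # IDEA key size

def derive_key_single_hash(passphrase: str) -> bytes:
    """Assumed model: one unsalted MD5 of the pass phrase is the 128-bit cipher key."""
    return hashlib.md5(passphrase.encode()).digest()

def derive_key_stretched(passphrase: str, salt: bytes, iterations: int) -> bytes:
    """Contrast: salted, iterated PBKDF2-HMAC-SHA256 producing a 128-bit key."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, iterations, dklen=16)

def guess_space_bits(choices_per_symbol: int, symbols: int) -> float:
    """Entropy in bits when each symbol is picked uniformly and independently."""
    return symbols * math.log2(choices_per_symbol)

def keyfile_strength_bits(passphrase_bits: float, kdf_iterations: int = 1) -> float:
    """Work needed against a stolen key file, in bits: the cheaper of searching
    cipher keys directly or guessing pass phrases, where every guess costs
    kdf_iterations hash operations."""
    return min(CIPHER_KEY_BITS, passphrase_bits + math.log2(kdf_iterations))

def report():
    # Constructed pass phrase models; sizes are illustrative assumptions.
    cases = {
        "one word from a 50,000-word dictionary": guess_space_bits(50_000, 1),
        "11 random lowercase letters": guess_space_bits(26, 11),
        "6 random words from a 7,776-word list": guess_space_bits(7776, 6),
        "10 random words from a 7,776-word list": guess_space_bits(7776, 10),
    }
    rows = []
    for label, bits in cases.items():
        rows.append((label,
                     round(keyfile_strength_bits(bits), 1),
                     round(keyfile_strength_bits(bits, 1_000_000), 1)))
    return rows

if __name__ == "__main__":
    for label, plain, stretched in report():
        print(f"{label:40s} single hash: {plain:6.1f} bits   "
              f"1e6 iterations: {stretched:6.1f} bits")
```

Only the last case reaches the cipher's full 128 bits; in every other case the pass phrase, not IDEA, sets the strength of the key file.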