FW: Physical storage of key is the weakest link
Claborne, Chris at SanDiegoCA
claborne at microcosm.sandiegoca.NCR.COM
Wed Jul 6 19:06:19 PDT 1994
<< some suggestion to keep keys secure on floppy>>
<<Lance Cottrel writes:
If your passphrase is good (128+ bits of entropy), then your private key is
as secure as the messages that you send. Although it need be broken only
once, I see no real danger of IDEA being compromised in the near future.
Given a good passphrase, I would suggest that you want multiple copies of
your key to prevent loss or accidental destruction. My passphrase is > 30
characters. Fortunately Mac PGP remembers the key during any given session
so typing is kept down a bit.
>>
If you are really paranoid, keeping your private keys super secure is a good
idea. If a bad guy were come and steal them all she needs to do find out
your passphrase (using all kinds of attacks.... camera over your desk....)
and bingo, they can read all past and future message traffic to you...
... __o
.. -\<,
chris.claborne at sandiegoca.ncr.com ...(*)/(*). CI$: 76340.2422
PGP Pub Key fingerprint = A8 FA 55 92 23 20 72 69 52 AB 64 CC C7 D9 4F CA
Avail on Pub Key server.
More information about the cypherpunks-legacy
mailing list