What are the risks associated with partially know cipher keys

Werner Koch wk at gnupg.org
Tue Sep 7 05:06:29 PDT 2004

On Tue, 7 Sep 2004 13:24:39 +0800, Padraig MacIain said:

> problem. However, does it offer a great risk for something like
> OpenPGP if the passphrase used to access the secretkey  is partially

That depends on quality of the passphrase; it makes dictionary attacks

> compromised? And in turn if the passphrase is completely known yet the
> secret key is still secured (physically) does knowing this passphrase
> risk a complete compromise of the key pair?

No.  The protection of the private key is is independent of the key.
They are in no way related.  The key is based on a random string and
only the protection of this key is based on the passphrase.  This
protection only helps against a lost (but protected) private key.



More information about the cypherpunks-legacy mailing list