gnupg export secret key security concerns

2

The gpg2 man page says the following:

`Note that exporting a secret key can be a security risk if the exported keys are sent over an insecure channel.`

I assume that the exported key is encrypted with the passphrase. What are the security risks if I put the exported, encrypted secret key on a public file server, considering that the passphrase is long enough?

Konstantin Rybakov

Posted 2019-12-21T15:29:25.983

Reputation: 125

Why do you assume that the key is exported encrypted? – Matteo – 2019-12-21T16:26:33.257

@Matteo Because it's how PGP worked. – U. Windl – 2019-12-21T18:50:25.673

Answers

0

The encryption of your secret key is only one component of the private key's security; the other component is that only you possess it. Sending the private key (even if encrypted) over a public channel allows an eavesdropper to get the (encrypted) key file. Then a brute-force attack on the passphrase could be started and your private key could possibly be disclosed.

I read that a random German sentence of 80 characters (corresponding to approximately 20 random characters) would be strong enough to protect a 1024-bit RSA key. My guess is that the average user's passphrase is much weaker than that, so keep your secret key away from the public if possible.

U. Windl

Posted 2019-12-21T15:29:25.983

Reputation: 143

0

The key is not encrypted when exporting. For this reason you get the warning.

Matteo

Posted 2019-12-21T15:29:25.983

Reputation: 6 553

Thanks for the response. Is there any documentation that says it is not encrypted? I understood it such that the passphrase is used to decrypt the secret key each time it is used or imported, and it works just like a PEM-encrypted private key. – Konstantin Rybakov – 2019-12-21T16:41:32.130

In the documentation there is no mention of encrypting. When you export it, you are asked for the password to decrypt it, but there is no prompt for a transport password. – Matteo – 2019-12-21T16:45:42.683

When you import an exported secret key on another machine, which is unaware of that key's existence, you are asked for the passphrase, which means that the key you are importing is encrypted. If it were raw, the other machine would not be able to verify the previously set passphrase. – Konstantin Rybakov – 2019-12-21T16:54:50.840

I just tried, exported on one machine, scp to a second machine, imported it. No password prompt. – Matteo – 2019-12-21T16:58:05.207

@Matteo Was your key passphrase encrypted prior to the export? – JW0914 – 2019-12-21T16:59:52.757

Hm, it asked on mine and verified it. I am using gpg2. Try now signing something with that key. Will it ask for the old passphrase? – Konstantin Rybakov – 2019-12-21T16:59:58.490

The passphrase is set when you generate a new key, and it is not encrypted. It is used to encrypt your secret key and it is not stored anywhere on the machine. – Konstantin Rybakov – 2019-12-21T17:01:33.877

@KonstantinRybakov I've exported subkey and master key secret keys before with the secret key staying encrypted (My question was regarding Matteo's comment, as a key can be created without encryption.) This is further explained on StackOverflow here and here, as well as in the GPG man page for --export-secret-keys / --export-secret-subkeys; --export just exports the public keys.

– JW0914 – 2019-12-21T17:18:09.097

@JW0914, Thanks, so they are encrypted by default. I am confused by that sentence from the man page: if the secret key is exported encrypted with a good, long passphrase, are there any other security risks if the encrypted key is publicly available or "sent over an insecure channel"? – Konstantin Rybakov – 2019-12-21T17:25:47.337

1

@KonstantinRybakov Provided it's encrypted w/ a min of 16 characters, containing at least two each of lowercase, uppercase, numbers, and symbols, it would guarantee the passphrase will remain uncrackable (it would take the largest known botnet [to date] using GPUs over a thousand years to try 50% of the possible passphrases, assuming a possible 80 different characters [math] could be used). If security is a real concern, export on an air-gapped device, then immediately securely erase the drives 5x - 7x w/ random characters.

– JW0914 – 2019-12-21T17:33:35.927

@JW0914 - Thanks! – Konstantin Rybakov – 2019-12-21T17:44:53.063
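Whether an exported secret key is actually passphrase-protected, and how expensive each passphrase guess is for the attacker U. Windl describes, is recorded in the secret key packet itself: RFC 4880 puts a "string-to-key usage" byte after the public MPIs (0 means the secret MPIs are stored in the clear; 254 or 255 means they are encrypted with an S2K-derived key), and the iterated S2K count byte fixes how many hash iterations every guess costs. The script below is an added example written for this page, not GnuPG's own code: it parses just enough of the packet format to report that for each secret key and subkey in a binary export. The two sample blobs at the bottom are constructed by hand with tiny fake MPIs and filler bytes and are not real keys.

```python
"""Report whether each secret (sub)key packet in an OpenPGP export is
passphrase-protected (RFC 4880 secret key packet, v4 keys only).
Added example, not GnuPG code; the samples at the bottom are constructed."""
import struct

SECRET_KEY, SECRET_SUBKEY = 5, 7
PUB_MPIS = {1: 2, 2: 2, 3: 2, 16: 3, 17: 4}        # RSA, ElGamal, DSA public MPI counts
ECC_ALGOS = {18, 19, 22}                           # ECDH, ECDSA, EdDSA: OID + point (+ KDF)
ALGO_NAMES = {1: "RSA", 16: "ElGamal", 17: "DSA", 18: "ECDH", 19: "ECDSA", 22: "EdDSA"}
CIPHERS = {3: "CAST5", 7: "AES128", 8: "AES192", 9: "AES256"}
HASHES = {1: "MD5", 2: "SHA1", 8: "SHA256", 9: "SHA384", 10: "SHA512"}


def s2k_count(c):
    """Decode the one-byte iterated S2K count (RFC 4880 section 3.7.1.3)."""
    return (16 + (c & 15)) << ((c >> 4) + 6)


def packets(data):
    """Yield (tag, body) for each packet; old and new length formats, no partial bodies."""
    i = 0
    while i < len(data):
        b = data[i]; i += 1
        if not b & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if b & 0x40:                               # new-format header
            tag, l = b & 0x3F, data[i]; i += 1
            if l < 192:
                length = l
            elif l < 224:
                length = ((l - 192) << 8) + data[i] + 192; i += 1
            elif l == 255:
                length = struct.unpack(">I", data[i:i + 4])[0]; i += 4
            else:
                raise ValueError("partial body lengths not expected in key packets")
        else:                                      # old-format header
            tag, ltype = (b >> 2) & 0x0F, b & 3
            if ltype == 3:
                raise ValueError("indeterminate length not supported")
            n = (1, 2, 4)[ltype]
            length = int.from_bytes(data[i:i + n], "big"); i += n
        yield tag, data[i:i + length]
        i += length


def skip_mpi(body, i):
    bits = struct.unpack(">H", body[i:i + 2])[0]
    return i + 2 + (bits + 7) // 8


def inspect_secret_keys(data):
    """Return one dict per secret key / subkey packet describing its protection."""
    out = []
    for tag, body in packets(data):
        if tag not in (SECRET_KEY, SECRET_SUBKEY):
            continue
        if body[0] != 4:
            raise ValueError("only v4 key packets handled here")
        algo, i = body[5], 6
        if algo in ECC_ALGOS:
            i += 1 + body[i]                       # curve OID (length-prefixed)
            i = skip_mpi(body, i)                  # public point
            if algo == 18:
                i += 1 + body[i]                   # ECDH KDF parameters
        else:
            for _ in range(PUB_MPIS[algo]):
                i = skip_mpi(body, i)
        usage = body[i]; i += 1
        info = {"tag": tag, "algo": ALGO_NAMES.get(algo, algo), "s2k_usage": usage}
        if usage == 0:
            info.update(protected=False, note="secret MPIs stored in the clear")
        elif usage in (254, 255):
            cipher, s2k_type, hash_id = body[i], body[i + 1], body[i + 2]; i += 3
            info.update(protected=True, cipher=CIPHERS.get(cipher, cipher),
                        hash=HASHES.get(hash_id, hash_id),
                        checksum="SHA1" if usage == 254 else "16-bit sum")
            if s2k_type == 3:                      # salted+iterated: 8-byte salt then count byte
                info["iterations"] = s2k_count(body[i + 8])
            elif s2k_type not in (0, 1):
                info["note"] = f"unknown S2K type {s2k_type}"
        else:                                      # legacy: byte is a cipher id, simple MD5 S2K
            info.update(protected=True, cipher=CIPHERS.get(usage, usage), hash="MD5",
                        checksum="16-bit sum", legacy=True)
        out.append(info)
    return out


# Constructed samples (assumption: tiny fake RSA values, filler salt/IV/ciphertext).
def _mpi(n):
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")


def _packet(tag, body):
    return bytes([0xC0 | tag, len(body)]) + body   # new-format header, body < 192 bytes


_PUB = b"\x04" + struct.pack(">I", 1576945765) + b"\x01" + _mpi(0xC0FFEE) + _mpi(65537)
# usage 254, AES256, S2K type 3, SHA256, salt, count 0xfb, IV, "ciphertext"
SAMPLE_PROTECTED = (_packet(5, _PUB + b"\xfe\x09\x03\x08" + b"\x11" * 8 + b"\xfb"
                            + b"\x00" * 16 + b"\xaa" * 40) + _packet(13, b"alice@example.org"))
# usage 0: secret MPIs follow in the clear, then a 2-byte checksum
SAMPLE_PLAINTEXT = _packet(5, _PUB + b"\x00" + _mpi(12345) + _mpi(101) + _mpi(103) + _mpi(7) + b"\x00\x00")

if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_PROTECTED
    for entry in inspect_secret_keys(blob):
        print(entry)
```

Run it on a binary export (`gpg --export-secret-keys KEYID > key.gpg`, without `--armor`); `gpg --list-packets key.gpg` shows the same S2K fields in GnuPG's own output. A key generated with an empty passphrase, or exported after the passphrase was removed, shows `protected: False`, which is exactly the file that must never be published; for a protected key the `iterations` value is the per-guess cost an offline attacker pays on top of whatever passphrase length you chose.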