Is PGP symmetric encryption as effective as Apple Keychain?

2

2

I used to use Apple's Keychain to store passwords, but I got tired of trying to figure out how to transfer them when I changed computers, so I switched to using a text file encrypted with gpg symmetric encryption:

$ gpg --symmetric my_passwords.txt

Is this any less secure than the Keychain app?

The file has 0600 permissions, and it seems like even if I was using gpg w/ a public/private key, if someone got access to the my_passwords.txt file they'd have access to my private key anyway.

aaron

Posted 2010-06-25T12:32:44.067

Reputation: 481

Answers

2

As far as I know, PGP encryption has never been broken.

So my answer would be: PGP is as least as pretty good as Apple's Keychain.

harrymc

Posted 2010-06-25T12:32:44.067

Reputation: 306 093

ha! funny pun :) – Michael Pryor – 2010-06-25T12:58:22.703

http://tvtropes.org/pmwiki/pmwiki.php/Main/IncrediblyLamePun? :-) – Joey – 2010-06-25T13:01:13.280

@Johannes Rössel: Sorry - will try to improve in the future. – harrymc – 2010-06-25T13:38:29.003

Tropes aren't bad ;-) – Joey – 2010-06-25T20:07:09.663

1

The default symmetric cipher used by gpg is CAST5 while Mac OS X encryption tools (File Vault) use 128-bit AES cipher.

Both ciphers are considered secure against "cryptographic breaks" so their security for encription is related only to the security of the password.

mrucci

Posted 2010-06-25T12:32:44.067

Reputation: 8 398

Asked: 2010-06-25T12:32:44.067

Viewed: 533 times

Active: 2010-06-25T17:59:56.673