On 03/10/13 06:46, mightymouse2045 wrote: > Is this possible with gpg2? I like this because I can use random files taken > from the 100,000's+ static non-changing files
100,000 tries for an attacker amounts to 17 bits of security. This is as little as nothing at all. > There are some files I don't like having to enter a passphrase for each time > due to them be accessed very frequently gpg-agent can remember passphrases for you. You could also look into using a smartcard. With a conventional, on-disk key, the passphrase cryptographically protects the secret key material, so it needs to be complicated to have enough entropy. With a smartcard, you only use a PIN, say 8 digits. 8 numerical digits is 27 bits of entropy, again nothing. But that's not a problem because the card locks after 3 tries; the PIN is not used as a cryptographic key. Entering an 8 digit PIN is much less work than entering a good passphrase. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
