On Nov 20, 2013, at 1:21 PM, Josef G. Bauer <[email protected]> wrote:
> Hi,
>
> I wonder how easily my private key(s) ('secgring.gpg') can be cracked
> once somebody get access to it.
Not at all easily, *if* you have a good passphrase on your private key(s).
> Q: Is the password stored as an hash and can it be cracked using Rainbow
> Tables? Is it maybe salted?
In OpenPGP, a S2K (string-to-key) algorithm is used, where the passphrase
entered by the user is hashed multiple times (with added salt) to transform it
into the key used to decrypt the secret key.
David
_______________________________________________
Gnupg-users mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnupg-users
