On Wed, 5 Aug 2015 15:02, [email protected] said: > Ok, but the secret Keys in "private-keys-v1.d" are > encrypted with (symmetric) AES128. [...] > My question is, why securing the private key's with sha1?
I am not sure whether I understand your question. If you mean the SHA-1 as mentioned in the algo string of the private key files: openpgp-s2k3-sha1-aes-cbc This describes an algorithm using using AES in CBC mode for encryption, SHA-1 for integrity protection and the String to Key algorithm 3 from OpenPGP (rfc2440). Thus SHA-1 is not used for protection but to detect tampering of the encrypted private key. This is the same method as defined by RFC-4880 but using an S-expression encoding. The decryption part also knows about openpgp-s2k3-sha1-aes256-cbc so to be prepared for the time we want to change to AES-256. However, it is questionable whether this will ever be done. Although the entire construct is safe on practice, it will eventually be replaced by a modern AEAD method. Shalom-Salam, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
