I've just got back into the swing of using pgp and I'm wondering how the private key is encrypted (using the passphrase to decrypt). This has got to written down somewhere, but in my searches the vast majority of answers are false positives 'How does private key crypto work?' rather than 'How is the private key encrypted by the passphrase?'
Additionally: Would it be right to say that private keys are symmetrically encrypted because it took a passphrase to encrypt it, and that same passphrase to decrypt it?
Lastly: What is the reasoning behind using a passphrase to encrypt the private key? Is it just that added layer of protection, if your private key file is compromised you are then able to revoke and reissue keys before an attacker can brute force the passphrase?
Thanks!
Aucun commentaire:
Enregistrer un commentaire