Both OpenSSH and GPG can generate key pairs which are stored as disk files by default. A passphrase is always asked for during the generation process, which is then used to encrypt the contents of the private key using a symmetric encryption algorithm.
I'd like to know if these programs also apply a key stretching technique such as PBKDF2 or scrypt to the passphrase before using it. Supposing one of these files was ever compromised, I'd like to make sure that deriving the real key takes about 10-20 seconds on commodity hardware, thus rendering brute-force attacks impractical. Is that even possible?
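Added example, not part of the original question and not code from OpenSSH or GPG: a sketch of what tuning a key-stretching function to a target derivation time looks like, using PBKDF2-HMAC-SHA256 from Python's standard library. The function names, the probe size and the 0.25 s demo target are assumptions chosen for illustration.

```python
import hashlib
import os
import time

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def derive_key(passphrase: str, salt: bytes, iterations: int) -> bytes:
    """Stretch a passphrase into a 32-byte symmetric key (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac(
        "sha256", passphrase.encode("utf-8"), salt, iterations, dklen=32
    )


def calibrate_iterations(target_seconds: float, probe_iterations: int = 20_000) -> int:
    """Time a short probe run on this machine and scale it to the target cost."""
    salt = os.urandom(16)
    start = time.perf_counter()
    derive_key("probe passphrase", salt, probe_iterations)
    elapsed = max(time.perf_counter() - start, 1e-9)  # guard against a zero reading
    return max(1, int(probe_iterations * target_seconds / elapsed))


def exhaustive_search_years(entropy_bits: float, seconds_per_guess: float) -> float:
    """Expected years to search half the passphrase space on ONE core."""
    guesses = 2 ** (entropy_bits - 1)
    return guesses * seconds_per_guess / SECONDS_PER_YEAR


if __name__ == "__main__":
    target = 0.25  # constructed demo value; the question's goal is 10-20 s
    iterations = calibrate_iterations(target)
    salt = os.urandom(16)  # stored in the clear next to the encrypted key
    start = time.perf_counter()
    key = derive_key("correct horse battery staple", salt, iterations)
    took = time.perf_counter() - start
    print(f"{iterations} iterations took {took:.2f} s, key starts {key.hex()[:16]}")

    # Per-guess cost multiplies the search space; it does not replace entropy.
    # PBKDF2 is CPU-bound only, so an attacker's hardware may run it far faster
    # than the machine used for calibration; scrypt adds a memory cost as well.
    for bits in (28, 40, 60):
        years = exhaustive_search_years(bits, 10.0)
        print(f"{bits}-bit passphrase at 10 s/guess: {years:.3g} years on one core")
```

The calibrated count only describes the machine it was measured on, so it has to be stored alongside the salt so that the same key can be derived again later.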