From my understanding, there are two passphrases. One to encrypt the private key... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

Tharkun on April 25, 2016 | parent | context | favorite | on: Secure OpenPGP Key Pair Synchronization via IMAP

From my understanding, there are two passphrases. One to encrypt the private key in the usual way. And another one that's used for storage on the IMAP server.

The RNG is, as far as I can make out, only recommend to ensure that users don't use a weak passphrase.

felixhammerl on April 25, 2016 [–]

exactly. the passphrase for the private key isn't touched. the >24 chars passphrase is used for the symmetrically encrypted pgp message.

cvwright on April 25, 2016 | [–]

Oh, OK cool. As long as you're using a good KDF to seed the CSPRNG that sounds great. Thanks for the response.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact