| 1 |
Grant wrote: |
| 2 |
|
| 3 |
> My understanding of GPG is weak. Can someone point out my misconception(s)? |
| 4 |
|
| 5 |
Speaking from a purely practical standpoint, keeping your private and |
| 6 |
public keys completely separate is extremely inconvenient with (IMO) a |
| 7 |
negligible security benefit. |
| 8 |
|
| 9 |
However, there is arguably a much bigger security issue with keeping |
| 10 |
your private key on a remote server, particularly one you have no |
| 11 |
control over. Pulling your keypair locally and doing any decryption |
| 12 |
operations locally is a much easier, and more practical, improvement. |
| 13 |
|
| 14 |
If you keep the two halves of your keypair physically separate, then an |
| 15 |
attacker would need to get two distinct pieces of information in order |
| 16 |
to break any encryption using your keys. For extremely high security |
| 17 |
purposes, this may be a worthy benefit. For something like email, your |
| 18 |
public key should be considered common knowledge anyway. If an attacker |
| 19 |
can gain control of your private key, the extra burden of getting your |
| 20 |
public key is insignificant. |
| 21 |
|
| 22 |
Put another way: a file containing both your public and private key |
| 23 |
contains essentially the same amount of secure information as a file |
| 24 |
containing only your private key. So long as your private key is kept |
| 25 |
secure, with or without your public key, your risks should be minimal. |
| 26 |
|
| 27 |
--K |
Archives