|
Key Security: Symmetric Encrypting Individual Files
If I am using 'gpg -c --cipher-algo AES256 filename.tar' to symmetrically encrypt a .tar archive, is there a key file somewhere on the hard disk? What I mean is, if someone stole my computer, and the filesystem itself wasn't encrypted, would they even have to bother trying to guess the passphrase, or is there a file similar to the private key that is created for RSA that can just decrypt anything?
Thanks, mmmmtmmmm |
They may try guessing passphrase
SFX: http://www.spreadfirefox.com/?q=affi...211983&t=1 |
afaik (I could be wrong on this), most apps that use symmetric key encryption and prompt you for a password generate a key based on a hash of that password. At least, the utility "aes" does that.
In that situation, the password is the source of the key, which means a weak password => an easy-to-get key. However, no key file would be stored on disk. You might give it a try and check if your keychain changed as a result of it... |
Totally forgot I'd posted this ;) Thanks for the responses.
OK, so even if someone gained root access to my computer, they would still have to know the passphrase to decrypt a symmetrically encrypted file? ----mmmmtmmmm |
That is correct. But if someone gained root access to the system, they'd likely be able to use a wide variety of methods to get your password or get around it next time you accessed the file in question. Basically, there's no security on a compromised system. All you can do is prevent the system from being compromised or detect when it is.
|
| All times are GMT -5. The time now is 09:39 AM. |