Is it ok to share the PGP Keys and keep the PassPhrase private?

Here is a question to the Crypto experts (which I’m not).

From a security point of view, is it ok if I publish both Public and Private PGP Keys but keep the PassPhrase secret?

My assumption is that: “as long as the PassPhrase is strong enough, it would not be practical to brute force it (even if the attacker knows the Private Key)”. In fact, should the question be: “How big does the PassPhrase need to be in the 2010/2011 time frame for it to be secure?”

To see this in practice check out the latest script/tool that I just added to the OWASP O2 Platform which dramatically simplifies the process of using PGP (creating keys, encrypting/decrypting text and encrypting/decrypting files):

As you can see, this O2 tool will really enable this workflow (sending both the Public and Private Keys to the client in a non-encrypted zip and then sending the PassPhrase in an offline/out-of-band method), so I’m really trying to figure out if this is a good idea :)
Finally, for the really hard-core crypto guys, can you take a look at how I implemented the BouncyCastle Crypto APIs to make sure I did it correctly: http://code.google.com/p/o2platform/source/browse/trunk/O2_Scripts/APIs/OpenPgp/API_OpenPgp.cs

Thanks
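
To make concrete what is left protecting a published, passphrase-protected OpenPGP private key: the secret key material is encrypted under a symmetric key derived from the passphrase by the iterated-and-salted S2K function of RFC 4880, and both the salt and the coded iteration count are stored unencrypted in the secret-key packet. The following is an added Python implementation of that derivation, written for this discussion rather than taken from the post or from the O2 Platform's API_OpenPgp.cs; the hash name, key length and sample values are assumptions.

```python
import hashlib


def s2k_decode_count(coded: int) -> int:
    """Decode the one-octet S2K count field (RFC 4880 3.7.1.3) into bytes to hash."""
    return (16 + (coded & 15)) << ((coded >> 4) + 6)


def s2k_iterated_salted(passphrase: bytes, salt: bytes, coded_count: int,
                        hash_name: str = "sha1", key_len: int = 16) -> bytes:
    """Iterated-and-salted S2K: derive the symmetric key that wraps the secret key.

    The salt and coded count sit in the clear beside the encrypted key, so whoever
    holds a published key has every input except the passphrase; a single guess
    costs one pass of hashing `count` octets of salt+passphrase (or one hash of
    salt+passphrase when that is longer than `count`).
    """
    if len(salt) != 8:
        raise ValueError("OpenPGP S2K salt is exactly 8 octets")
    count = s2k_decode_count(coded_count)
    data = salt + passphrase
    key = b""
    context = 0
    while len(key) < key_len:
        # For keys longer than one digest, context n is preloaded with n zero
        # octets (RFC 4880 3.7.1.1) and the digests are concatenated.
        h = hashlib.new(hash_name)
        h.update(b"\x00" * context)
        if count < len(data):
            h.update(data)            # short count: hash salt+passphrase once, untruncated
        else:
            whole, rest = divmod(count, len(data))
            for _ in range(whole):
                h.update(data)
            h.update(data[:rest])     # final partial repetition
        key += h.digest()
        context += 1
    return key[:key_len]


def octets_hashed_per_guess(coded_count: int, passphrase_len: int, salt_len: int = 8) -> int:
    """Work an attacker must do per passphrase guess; this is the only cost the
    published key leaves in place, so it is what the coded count should be tuned for."""
    return max(s2k_decode_count(coded_count), salt_len + passphrase_len)


if __name__ == "__main__":
    sample_salt = bytes(range(1, 9))          # constructed sample salt
    print(s2k_iterated_salted(b"correct horse battery", sample_salt, 0x60).hex())
    print(octets_hashed_per_guess(0x60, 21))  # 65536 octets per guess at count 0x60
```

The coded count 0x60 decodes to 65536 octets and 0xFF, the maximum, to 65011712; each guess costs only that much hashing, which is why once the key is public its safety rests entirely on passphrase entropy and can no longer be raised by changing the passphrase.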

  • http://madduck.net martin f. krafft

    Once published, you cannot ever change the passphrase on keys that have been copied since. If tomorrow, a groundbreaking password attack gets spread, your key will be lost.

    Apart, there is never just one passphrase that deciphers a key; theoretically, there’s an infinite amount. Passphrases are based on hashing, and the number of hashes is limited. Hence, by the pigeon-hole principle…

    Finally, security needs to be multi-tiered, and public-key crypto gives you “what you have” and “what you know” for free. Why undermine that?

    Summary: hell no! Do *not* publish your private keys *ever*.

  • Lawrence Pingree

    I agree wholeheartedly with Martin, no way. The whole purpose of the private key and passphrase is to ensure two-factor authentication. 1- must have the key 2- must know the password to decrypt.

  • Jason

    My PGP pass phrase is 35 characters long and I still wouldn’t voluntarily give anyone else my private key.

    As martin f. krafft said, once you publish your public key and people start using it, you can never, ever change your pass phrase.

    I’ve been using mine for 10 years and I’d hate to lose all of those encrypted docs and emails just because I got haughty.