"Michael Young" <mwy-pgpu89(_at_)the-youngs(_dot_)org> wrote:
Does PGP7 or GnuPG provide the ability to use a separate
passphrase for the master key and its subkeys? I'd like to
use my master key rarely, for key-signing only, and protect
it with a passphrase that I almost never use. I'd then use
(limited-lifetime) subkeys for everyday decryption.
Ideally, I'd be able to make a subkey for everyday signing
of messages.
[...]
Any thoughts?
I don't think what you're trying to do is a good idea.
The basic premise is that you want to keep your key-signing key more
secure than your everyday decryption and message-signing keys. You
propose to do this by giving your key-signing key a different
passphrase - presumably one that is more secure?
You are naturally remembering passphrases rather than writing them
down, since you care about security so much. Since you can remember
the more secure passphrase, why not enjoy greater security by using
that passphrase for everything, rather than using a weaker passphrase
for the other parts?
- It means there are two passphrases to crack not just one.
Not true. Anyone who obtains your key-signing key and determines
its passphrase gains the authority to replace your message-signing
and decryption keys, which is almost as useful to them anyway.
- It means that if your everyday passphrase is captured by a keyboard
sniffer, your key-signing passphrase is still safe.
True. On the other hand, you are still presumably going to use
your key-signing passphrase on occasion, and your computer will be
no more secure against sniffing when you do; anyone who is able to
capture passphrases you type will probably get both.
- The everyday passphrase can be easier to type.
True - just about the only thing I can see in favour of the
scheme.
Remember that, of the passphrase and the secret key, the passphrase is
the weaker element of your protection from impersonation. If you are
taking extra precautions with your key-signing key, you should
seriously consider keeping it on a floppy or similar, rather than
leaving it on your PC - this is a much more significant improvement in
security than using a different passphrase.
If you're going to keep your key-signing secret key offline, you want
to be able to split apart the different secret subkeys of a key, too.
Isn't it far simpler just to make a separate key-signing key, rather
than looking for a way to do this with subkeys? This is certainly a
method a lot of people have used for years.
--Clive.