views: 79

answers: 5

My PGP secret keys are always password protected, which means you need to decrypt it using a symmetric key to get access to my private key.

I am interested in making my password protected PGP secret key publicly available but I am not entirely sure if I am missing something. Storing my secret key on my computer seems only to be making things harder (security through obfuscation) but not actually doing any good.

Considering that I can password protect my private key with 256-bit AES (en.wikipedia.org/wiki/Key_size#Symmetric_algorithm_key_lengths),

and that there is a theoretical limit for the energy needed to crack a 2^n password using brute force (en.wikipedia.org/wiki/Brute_force_attack#Theoretical_limits),

What am I missing?

+4  A: 

It decreases your cryptographic strength a lot, as brute force attacks to decrypt it could succeed in a shorter time. Typically passwords have far fewer bits than the key itself. Unless your password is more than 20 chars, I would strongly advise not to do so. Short passwords can be cracked rather quickly.

jdehaan
http://en.wikipedia.org/wiki/Brute_force_attack: "There is a physical argument that a 128-bit symmetric key is computationally secure against brute force attack."
It doesn't matter - the password would be the attack vector, and not the key itself. And passwords usually contain much less than 128 meaningful bits.
Eugene Mayevski 'EldoS Corp
+3  A: 

If you expose your private key, it is good to know that the length of the key itself will not matter as much as the length and randomness of the password you are using to protect it.

Why would you like to expose your private key to the public (even if it is password protected)?

martin
+3  A: 

I was going to show you all the math to tell you why you shouldn't make your encrypted private key public, but that was too long to read and too complicated. Here is a simple answer.

You use asymmetric algorithms so that you don't have to rely only on your password! Your password is weak. The asymmetric algorithm is much stronger. If you expose your private key, even if it is encrypted with a password, then you are preventing it from being able to properly serve its purpose.

Lunatic Experimentalist
A: 

No, you wouldn't want to leave your private key lying around. If they had access to your private key, there is always the risk that they could brute force your passphrase or obtain it through eavesdropping on keyboard sounds, a key logger, a TEMPEST emissions attack, sticking your kid's finger in a light socket... If they don't have access to your private key then they might as well give up; nothing they do or you do is going to get them access to that data.

MrEvil
A: 

It's true to say that a proper use of a randomly-generated 256-bit symmetric key with a strong algorithm cannot practically be brute-forced, but as soon as you generate a key from a passphrase - as you typically do with your PGP or GPG private keys - you have violated that assumption. As others have said, it's quite risky. It would be a different matter if you encrypted your private keys under a properly-generated symmetric key and put that key on (say) a USB stick - but then, of course, you have merely pushed the problem sideways and now have a precious USB stick to take care of. If you were really paranoid you might do this but encrypt the symmetric key on the USB stick under a passphrase: then an attacker has to get the stick contents and crack your passphrase in order to steal your private key, which on the face of it is harder than either task alone. But in some cases this is too much hassle...

crazyscot
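An added worked example (not from any of the answers above) of the point jdehaan and crazyscot make: once the encrypted key file is public, the attacker's work is bounded by the passphrase space times the passphrase-to-key (S2K) iteration cost, never by the 256-bit AES key. The iteration count, hash rate and passphrase shapes are assumed/constructed values, not measured ones.

```python
import math

# Assumed/constructed parameters; real S2K counts and cracking rates vary widely.
ASSUMED_S2K_ITERATIONS = 65536   # hash iterations the KDF spends per passphrase guess
ASSUMED_HASH_RATE = 1e9          # raw hash evaluations per second available to the attacker
AES_KEY_BITS = 256               # size of the symmetric key that wraps the secret key

def passphrase_entropy_bits(length, alphabet_size):
    """Entropy (bits) of a uniformly random passphrase of `length` symbols drawn from
    an alphabet of `alphabet_size` characters. Human-chosen passphrases are weaker."""
    return length * math.log2(alphabet_size)

def offline_work_bits(passphrase_bits, s2k_iterations=ASSUMED_S2K_ITERATIONS, key_bits=AES_KEY_BITS):
    """log2 of the hash operations needed to exhaust the passphrase space when the
    attacker holds the encrypted key file. The KDF adds log2(iterations) bits of cost,
    but the total can never exceed the cost of attacking the AES key directly."""
    return min(passphrase_bits + math.log2(s2k_iterations), key_bits)

def attacker_work_bits(key_file_exposed, passphrase_bits, **kw):
    """Without the encrypted file there is no offline attack on the passphrase at all,
    so the passphrase contributes nothing and only the wrapping key size bounds the work
    (attacks on the asymmetric key itself are outside this model)."""
    if not key_file_exposed:
        return kw.get("key_bits", AES_KEY_BITS)
    return offline_work_bits(passphrase_bits, **kw)

def years_to_exhaust(work_bits, hash_rate=ASSUMED_HASH_RATE):
    """Wall-clock years to try every candidate at the given raw hash rate."""
    return 2 ** work_bits / hash_rate / (365.25 * 24 * 3600)

def compare_passphrases():
    """Constructed cases: 8 lowercase letters vs 20 random printable ASCII characters,
    both with the encrypted key file exposed."""
    cases = {"8 lowercase": (8, 26), "20 printable ASCII": (20, 95)}
    report = {}
    for name, (length, alphabet) in cases.items():
        bits = passphrase_entropy_bits(length, alphabet)
        work = attacker_work_bits(True, bits)
        report[name] = (round(bits, 1), round(work, 1), years_to_exhaust(work))
    return report

if __name__ == "__main__":
    for name, (bits, work, years) in compare_passphrases().items():
        print(f"{name}: {bits} passphrase bits, {work} bits of attacker work, {years:.3g} years")
```

The "8 lowercase" case exhausts in well under a year at the assumed rate, while the 20-character random passphrase stays far beyond reach; neither number has anything to do with the 256-bit key.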