Re: handling private keys

To: Radu Spineanu <radus@smartpost.ro>
Cc: debian-security@lists.debian.org
Subject: Re: handling private keys
From: Edward Faulkner <edfaulkner@gmail.com>
Date: Tue, 28 Jun 2005 09:20:42 -0400
Message-id: <[🔎] 9044cb32050628062062690df@mail.gmail.com>
Reply-to: ef@alum.mit.edu
In-reply-to: <[🔎] 42C14D52.4060702@smartpost.ro>
References: <[🔎] 42C14D52.4060702@smartpost.ro>

On 6/28/05, Radu Spineanu <radus@smartpost.ro> wrote:
> Has anyone heard of an implementation, or at least a whitepaper related
> to creating some kind of secure zone where i can keep these keys ?

If you're using strong enough passwords, your keys would still be
pretty safe.  An attacker could try cracking them offline, but that
could take a very long time.

As to your question, once someone roots your box all bets are off.  If
you're really paranoid about these keys, keep them on a dedicated
machine that's extremely locked down.  Or even a machine with no
network at all, and move data back and forth on a usb drive.

-Ed

Reply to:

Follow-Ups:
- Re: handling private keys
  - From: Radu Spineanu <radus@smartpost.ro>

References:
- handling private keys
  - From: Radu Spineanu <radus@smartpost.ro>

Prev by Date: handling private keys
Next by Date: Re: handling private keys
Previous by thread: handling private keys
Next by thread: Re: handling private keys
Index(es):
- Date
- Thread