Re: [Feature Request] multiple files sélection in addition to password and "no file" agent

devm23k73ju29h3r at dolce-energy.com devm23k73ju29h3r at dolce-energy.com
Wed Jun 10 23:25:48 CEST 2026 

Le 09/06/2026 à 20:08, Robert J. Hansen via Gnupg-devel a écrit :
>> More due to IA hype, computing power will increase (and if not pure 
>> computing power of a single system, there will be several system to 
>> make parallel work)
>
> Argon2 and PBKDF2 are both designed to be highly resistant to brute 
> forcing. Brute force attacks on Argon2/PBKDF2 passphrases are really 
> not a thing.

I'm not speaking of the algorithm that are secure, but even the best 
ciphering algorithm is weak if you have a 1 digit password...

the key here is the limit of human brain... remembering a pure random 12 
char is too much for most people, me including

>
>> I use veracrypt for long now, as well as keepassXC. What I love is 
>> the ability to use a file in addition to the password, this solve the 
>> issue of strengh really fine, just have to remember a file or 2 or 
>> more (sadely only one file for keepassXC) and it compute a password 
>> based on the file content (didn't looked the code, but doing a sha256 
>> hash will produce a 64 [A-Z][a-z][0-9] password, that is purely 
>> random, so no dict attack, and surely strength that won't allow even 
>> brute force parallel attack)
>
> This sounds like a misfeature for GnuPG. I would like to see this not 
> adopted.
I see it as a way to improve the security...
>
>> this require lite knowledge to remember and every file can be used, 
>> just peak your favorite familly photo, vacation photo, song, a 
>> video... anything as long you won't modify it.... easy....
>
> ID3 tags in MP3s and/or Exif tags in JPEGs are specifically intended 
> to be modifiable, and some applications will silently update ID3 tags 
> and/or Exif tags without explicitly telling you. (E.g., if an MP3 has 
> ID3 v1 tags, your music player might silently upgrade them to ID3 v2 
> tags.)
it's up to me to ensure it won´t... I've no such application that update 
exif/id3tag and also check for file corruption (or some intruder 
injection) via cron job... never detected any.
>
>> this would not even allow to know if the password provided was truly 
>> guessed : the result is still random bytes, so you can't know you 
>> truly guessed the password, so even a weak password could become 
>> strong (I'm right?)
>
> This is not how entropy and information theory work.

I'm not understanding the sentence... what I'm saying is :

if I cipher a file with a strong password created with information 
hashed from a file (that will likely create uniq data, since even a 
CRC32 has  1 in 4.29 billion chance to create the same crc... and crc32 
is not comparable to sha256 and others) that can include even not 
type-able characters

and then cipher the result with a weak password

if an attacker try to bruteforce it, of course the weak password will be 
easily broken, but what the attacker get is a ciphered result. The 
attacker can't know if the password was guessed because the result is 
still a ciphered result.

if I only use a file to create the password, it's weaker than a password 
: the attacker has only to try every file one by one and even if I have 
lot of photo, videos and songs, it will succeed

it require several information to succeed : the password, how many file 
I used, and the order of the files/password... the 3 informations are 
easy to remember, when a strong password "~-'wH[+5^g.m" is difficult to 
remember

>
>> what I would love, is the veracrypt threat security mechanism : 2 
>> private keys in the same key file, if I provide one password/file I 
>> get the 1rst key, if I provide another I get the second key. This 
>> could allow to disclose "I'm under threat" information without anyone 
>> knowing it
>
> If you get arrested by the secret police, they *will* know about 
> Veracrypt and the second passphrase option. They will demand both and 
> won't stop torturing you until you provide them.
>
> What's worse is if you're not using this feature. The secret police 
> are now torturing you for a passphrase that doesn't exist and you 
> can't give them. This also means *you can't make the torture stop*.
>
> This is a horrible misfeature of Veracrypt. It's going to get one of 
> their users killed someday, if it hasn't already.

if you get arrested by the secret police, they will assume you hidden 
some sensitive information somewhere else in another ciphered file. And 
that you disclosed the information that is meaningless. so they will 
continue torture you to death for you to disclose the other true file 
that contain the true information, that don't exist... lol... ciphering 
any information is horrible misfeature of ciphering tools ;)

best regards

More information about the Gnupg-devel mailing list