use key, not passphrase, in symmetric encryption

sweepslate sweepslate at gmail.com
Mon Oct 17 13:51:03 CEST 2011


The end goal is to encrypt a volume of around 100GB of personal files 
that I'll be carrying arround with me in a portable drive.

It's around 14000 files, so I can't possibly encrypt them one-by-one 
interactively! Doing a tarball is going to be time-consuming, space 
consuming [1], and cumbersome. Also the process can't be stoped (and 
it's going to be a big process), and the only thing I'm gaining is 
hidding the original filenames, which I do not care in this scenario. So 
I'd like to avoid the tarball. If possible.

So I concluced that I need a non-interactive, 'scriptable' if you'd 
like, way to perform the action.

I wanted to use symmetric so as not to add unnecessary complexity to the 
solution. I'm only encrypting to myself.

I wanted to use something larger than a passphrase so I wondered if I 
can use a key. But on a second thought, I could use a SHA512SUM as a 
passphrase, which is 128 bytes in length. That makes it 1024 bits; 
correct? It's like a small key. I could use 4 of them combined for the 
strength of a key of 4096 bits.

If it's not possible to use a key or a 128-512 bytes passphrase, I could 
go for the classic way of public-private key. But I want to keep public 
key encryption as a last resort (I have reasons additional to complexity).

The key point is doing the encryption of 14000 files in a 
non-interactive way.

[1] While encrypting single files can be done progressively, in the same 
drive, without requiring exta space.

On 10/17/2011 4:37 AM, Doug Barton wrote:
 > On 10/16/2011 14:37, sweepslate wrote:
 >> I want to encrypt a file symmetrically but use a key instead of a
 >> passphrase.
 >
 > It's sort of hard to understand what you're trying to accomplish, can
 > you give us more details?
 >
 >
 > Doug



More information about the Gnupg-users mailing list