KeePass or any other password wallet to store and transport keys
Robert J. Hansen
rjh at sixdemonbag.org
Wed Jul 25 07:12:45 CEST 2012
On 7/24/2012 10:21 PM, Faramir wrote:
> Clearly I'm out of my league there. I had heard about that, but later
> I also heard about stacking different algos (with different keys of
> course) to increase security.
I'm unaware of any reputable reference that recommends this practice.
That's not to say no such reference exists, only that if one exists I'm
unaware of it.
> Anyway, do you know about any list of "compatible" encryption
> algorithms? I mean, pairs that work well together.
The better question, to me at least, is "why would I want to do this?"
Cryptosystems tend to fail predominantly due to human error, then to
software bugs. Consider that since PGP 2.6 was released in ... what was
it, '91? ... not one single encryption algorithm used by PGP has ever
been broken. Although IDEA is not well-regarded by modern standards
it's still a safe cipher; and RSA is still, well, RSA.
If the algorithms are unlikely to be broken but the likelihood of
security-impacting software bugs is essentially certain, then stacking
algorithms would seem to be ill-advised. Stacking algorithms increases
the complexity of the code, increases the number of keys which must be
managed, and so forth. Rather than enhancing security, my suspicion
would be that it diminishes it by increasing the complexity of the system.
More information about the Gnupg-users
mailing list