Daniel P. Barron

It’s somewhat clunky

July 22, 2016

From the flaming pit that is reddit:

submitted 2 days ago by subkeyquestion

I just created my first PGP key but I was told it’s unsafe to sign and encrypt with the same key. How do I make a subkey for encryption and where should I store my master signing key?

danielpbarron -1 points 2 days ago

You don’t encrypt with your key. You decrypt and sign with it. And sub-keys are crap. Just make a 4k 2ki RSA key using an old version of gnupg (1.4.whatever) and then register it with deedbot in #trilema on freenode.

As for where to create and store the key: on a machine that has not ever been connected to any networks.

djhaskin987 3 points 1 day ago

I tried to read about why subkeys are bad in your link. Can you tell me more about why subkeys aren’t good? Is it easy to fake them or something?

danielpbarron -1 points 1 day ago

It’s because it’s an unnecessary layer of complexity. Being unnecessary, they add no security. Being complex, they add an attack vector. All you need for secure messaging and the ability to sign statements is a single RSA key, and GnuPG version 1.4.x is currently the most suitable method for achieving this.

No matter the pheature you think sub-keys provides, you are better off obtaining it through means separate from the PGP protocol. For example, creating a 2nd key and signing a statement to the effect that it is your backup key in case the original one is compromised. Or similarly, creating a temporary key, signing it with the main one, use it for a bit, and then destroy it, for “perfect forward secrecy” or whatever. These use cases never come up in the real world, but they are possible, and do not require a mess of unnecessary and potentially exploitable code.

shroom_throwaway9722 0 points 1 day ago

It’s because it’s an unnecessary layer of complexity. Being unnecessary, they add no security.

You failed to explain why they are unnecessary. Try again.

All you need for secure messaging and the ability to sign statements is a single RSA key

This is dangerous. You have to store that single key on a machine you use daily. Using an airgapped machine for everything carries its own problems.

For actual daily use, subkeys work well. That’s why they exist.

and do not require a mess of unnecessary and potentially exploitable code.

This is the dumbest fucking thing I’ve ever read.

Do you think that GnuPG is somehow compromised specifically with regard to subkeys? Do you think that you’re somehow safe if you don’t use subkeys? If you think GnuPG magically becomes “a mess of unnecessary and potentially exploitable code” when used with subkeys, then it’s not trustworthy in any scenario.

So what is Mr. Shroom Throwaway 9722’s suggestion for our crypto n00b?

It’s somewhat clunky, but the most secure option is to have an offline main/master key that is stored on some sort of protected mediaii and only used temporarily on a secure airgapped machineiii to create subkeys, revoke subkeys, revoke itself,iv sign other people’s keys, or extend trust to a new key. For everything else (signing & encryption) you use the subkeys only. This way, your main key is well-protected from attack. If your daily-use computer gets compromised, you boot up your secure airgapped machine (preferably running some sort of live USB distro), get your master key out of your safe, revoke the subkeys, and create new ones. Then you take the subkeys and install them on your computer and update the keyservers.

Check out this guide on how to do it: https://alexcabal.com/creating-the-perfect-gpg-keypair/v

If you want to go a step further and get a GPG smartcard such as a Yubikeyvi for storing your subkeys, combine the previous guide with this one: https://www.esev.com/blog/post/2015-01-pgp-ssh-key-on-yubikey-neo/vii

Good luck!

Yeah. You’ll need it going to the USG’s den of misinformation for help on how to create RSA key-pairs.

  1. Correction: 4k keys are not more secure than 2k due to bad code in gnupg.
  2. Protected with what? Anonymity?
  3. Is the airgapped machine not “protected” ?? ...
  4. Bzzzz!! Never revoke. No such thing.
  5. Actually a lot of the advice on this page isn’t bad.
  6. Nope.
  7. Full of bad advice.

Leave a Reply

Your words may be altered or altogether purged in accordance with my preference to abstain from publishing statements that may be unnecessarily offensive to other readers. Your criticism is welcome. Your name and website are optional. Some HTML tags are allowed.