[pass] Feature requests: scrypt key derivation / salts
Jonas Wagner
j.b.w at gmx.ch
Sat Dec 28 09:17:49 CET 2013
Hi,
> I am against implementing any cryptography in-house. We are not
> cryptography experts.
>
This makes sense. Probably the functionality could be (or is) built into
GPG? I read in the documentation that there are several "string-to-key"
functions for converting passphrases to encryption keys. There is an
iterated variant, but I don't know whether it is being used and how the
iteration count is being determined. I might ask on GPG's mailing list.
- OpenPGP uses hybrid encryption, and the symmetric key will be
> different each time;
> - GPG uses a random IV.
>
Great, thanks! Indeed the files seem to change if I save them without
modification.
Cheers,
Jonas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20131228/4629f77f/attachment.html>
More information about the Password-Store
mailing list