[pass] pass security

Lucas Hoffmann l-m-h at web.de
Wed Jan 21 10:32:07 CET 2015


On Wed, Jan 21, 2015 at 06:52:44AM +0200, Dimitris Zervas wrote:
> Hello,
>
> First of all, I am sorry, because I guess that these questions have been asked a lot, but I failed to dig them from Google.
> I want to use pass, but I am concerned about the security.
> 1. Why do you use asymmetric and not a symmetric algorithm? I haven't seen any disk encryption system use public-private key.

It is often less work to encrypt and decrypt with symmetric algorithms.
Wikipedia states "symmetric key algorithms are nearly always much less
computationally intensive than asymmetric ones"
(https://en.wikipedia.org/wiki/Public-key_cryptography#Understanding). I
don't know their source but I have heard this argument somewhere before.
That might be the reason for disk encryption to use it.  But I think it
is not a concern for a use case like pass.

> 2. What about pipes? Are they safe? Can't someone read all the plaintext?
> 3. What about swap? Plaintext might be saved in swap and stay on the disk forever.
> 4. Why clipboard? Isn't auto-typing safer?

Sorry, I cannot answer the other questions.