[pass] Adding support for symmetric encryption

Dashamir Hoxha dashohoxha at gmail.com
Tue Jan 26 14:29:12 CET 2016

On Tue, Jan 26, 2016 at 1:23 PM, Lenz Weber <mail at lenzw.de> wrote:

> Adding something new may be fine, although I have no say in what is going
> to be accepted and the mainainer is not often seen around here.
> But I can tell you with high certainty that a change like this, which
> breaks pass in the way it worked before (and a lot of tools are relying on
> that behaviour) will not get accepted.

Sure. I can understand that much.
But I did say that it just a "proof of concept" implementation yet and it
has still to be refined. Your feedback and help is wellcome.

> On the topic why you are introducing all this, I'm not convinced it would
> be a good idea.  Your reasons are that it is "easier, stronger and simpler".
> Easier and simpler may apply, but the selling point of pass is that it is
> a console password manager with a gpg backend. People looking for pass want
> to use gpg - and symmetric encrption is, at best, an edge case of gpg usage.

OK, it was sold to me as a command-line password management tool, and I did
not even understand initially why it has to mess with gpg private keys and
make things so complicated unneccessarily. Cutting the private keys out of
the loop makes it simpler for people like me, who just want to keep
personal passwords, not sharing them with other people, etc.
Maybe there are other command-line tools more suitable, but I am not aware
of them yet.

> Stronger: I do not agree with you. The only way to make it stronger would
> be a passphrase that is longer than your asymetric private key. I don't
> believe anyone uses a passphrase that is >4096 bits long. The weakest part
> is always the passphrase.

Maybe you are right about this. I have just read somewhere that symmetric
encryption is stronger than asymmetric encryption, but maybe it assumes
that the keys are of the same size.

> But in the asymmetric scenario, an attacker would need the passphrase AND
> the key file. In the symmetric scenario, he just needs your passphrase.

If they have your encrypted password files, most probably they also have
your private keys. At least for most of the people, who are not using
smartcards, yubikey, nitrokey, etc. (I am one of them). So, the security
remains up to the passphrase is both cases (asymmetric scenario is not
stronger). But I don't suggest removing the asymmetric scenario. For the
cases when it is needed (having a smartcard, having to share passwords with
other people, etc.) it is great, and I do think that this makes
password-store an enterprise-grade software (even though it is such a small
and simple script).

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20160126/16ce3fea/attachment.html>

More information about the Password-Store mailing list