[pass] Possible improvements

Lucas Hoffmann l-m-h at web.de
Tue Jan 26 15:45:33 CET 2016 

Quoting Dashamir Hoxha (2016-01-23 15:03:31)
> Why do you use asymmetric encryption (public/private keys).
> I think that symmetric encrypion is easier, stronger, and simpler
> (you don't need to generate and maintain a key, all you need is
> a passphrase). It can be done with `gpg -c ...`.

I have two question/concerns about the use of symmetric encryption.  I
assume that I store one password (or one secret) under each name in
pass.  GPG symmetric encryption needs a passphrase for each
symmetrically encrypted file.

1. But that leads to a situation where I have to remember one GPG
   passphrase for every secret I want to store in pass.  In my opinion
   this kills the main feature of a password manager:  To store many
   secrets and unlock them with few/one (preferably strong)
   passphrase(s).
2. I could reuse the same passphrase for several secrets in pass (in
   order to circumvent point one).  But then I still have to type in the
   same passphrase for every new secret I add to pass.  And I would have
   to enter the passphrase for every secret in pass separately when
   retrieving them.  This is because gpg-agent can and should never
   notice that to different files (both symmetrically encrypted) have
   the same passphrase.

Point two can be tested like this:  Encrypt two files and enter the same
passphrase each time (say "foo"):

echo test1 | gpg -c > test1.gpg
echo test2 | gpg -c > test2.gpg

Now kill the gpg-agent (neccessary as it did store the passphrases after
encryption):

pkill gpg-agent

Then try to decrypt the two test files in any order repeatedly:

gpg -q < test1.gpg
gpg -q < test1.gpg
gpg -q < test2.gpg
gpg -q < test2.gpg

You will notice that gpg asks you for the passphrase of each file on the
first run it decrypts *this* file, regardless if another file with the
same passphrase was already decrypted and the passphrase stored in the
gpg-agent.

So regardless of any strength considerations about symmetric and
asymmetric encryption I do not see any advantage in the interaction with
pass when using symmetric encryption.

Cheers
Lucas

PS: Don't let the length of this argument stop you from proofing me
wrong :)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: signature
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20160126/2c51fa5d/attachment.asc>

More information about the Password-Store mailing list