Video Screencast Help

Does changing a key passphrase invalidate the old public key?

Created: 11 Jan 2013 • Updated: 11 Jan 2013 | 7 comments
This issue has been solved. See solution.

I have heard it recommended that the key passphrase should be changed periodically, not unlike your OS's login password. I know a key is really made up by two pieces, a public key (which everyone encrypts with) and a private key (which hopefully only YOU have). So, I really have several questions..

1) Does changing the passphrase invalidate the existing (published) public key?

2) If not, then does the passphrase really have anything to do with either of the keys, if you can change it without invalidating the keys themselves?

3) Or, is the passphrase just a local way for PGP Desktop to ensure that you really are the one who is allowed to USE the private key (like an additional security layer), in which case changing the passphrase just changes the "protective wrapper" around the private key?

thanks,
..dane

Comments 7 CommentsJump to latest comment

Tom Mc's picture

Changing the passphrase has no effect on your public key.

The only thing entering the passphrase does, which is very important, is decrypt your private key so that you can use it for decryption and signing. 

I should add that changing your passphrase changes the symmetric key (that is produced by hashing your passphrase) that your private key is encrypted to,

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

SOLUTION
audiodane's picture

Hi again Tom.  I have NO idea what the last sentance you gave actually means.  ("changing your passphrase changes the symmetric key (that is produced by hashing your passphrase) that your private key is encrypted to")  :(

So the passphrase enables your private key to be encrypted for its own protection.  So changing your passphrase simply re-encrypts the private key, but does not actually change it. To USE the private key for decryption of an incoming email, the passphrase is used to decrypt the private key into its plaintext key value, which is then fed into the email decryption engine to decrypt the email.  Is that a correct understanding?

Anything else I need to be aware of regarding the "symmetric key" that you mentioned (which is an unknown term to me)?

thanks!
..dane

Tom Mc's picture

So the passphrase enables your private key to be encrypted for its own protection.  So changing your passphrase simply re-encrypts the private key, but does not actually change it. To USE the private key for decryption of an incoming email, the passphrase is used to decrypt the private key into its plaintext key value, which is then fed into the email decryption engine to decrypt the email.  Is that a correct understanding?

This is a good understanding of how it works.

You don't really need to know anything else.  Changing a key's passphrase and the resultant encryption of the private key is not something that will produce a problem.  However, you may want to be aware that changing a passphrase will not change the passphrase used to secure any other copy of your private key that you may have backed up somewhere, or which may have been captured by an attacker. 

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

audiodane's picture

Ah yes, good point.  If I have the same key on two machines (work and home, for instance), and I change the passphrase on one, I need to make sure and copy the new-passphrase-protected key to the other computer and purge all copies of the old-passphrase-proected key.. Thank you for that reminder.

Tom Mc's picture

You are welcome.  When you are confident that your questions on this have been sufficiently answered, please use the Mark As Solution option on the post that was most helpful.

When you consider your issue resolved, please click Mark As Solution on the most helpful response.

Search the Knowledge Base &

Alex_CST's picture

Your private key is encrypted, in the same way that data is encrypted to your private key.  something has to control the encryption of your private key, this is what the symmetric key does.  So the symmetric key is essentially a hash of your passphrase, so when you change the passphrase, your symmetric key changes accordingly.  Neither the private or public key changes when you change your passphrase.

Please mark posts as solutions if they solve your problem!

http://www.cstl.com

dfinkelstein's picture

Anyone who would like more details can consult RFC 4880, the OpenPGP standard

http://tools.ietf.org/rfc/rfc4880.txt

The passphrase is used to generate a symmetric key using a "string-to-key" function that combines the passphrase and a random salt value through multiple hash repetitions.

Note also that if you enable "passphrase caching" in PGP products, the actual passphrase is not cached.  Rather, the symmetric key generated from the passphrase is what is cached.

Regards,

--------

David Finkelstein

Symantec R&D