Loading…

		

		
		
		
		
		

	
						
		
			

				
				

					
					
Passwords and Keys

				

				
				

					


	
Passwords and Keys



	

	
		
Simple Keys



		
Password


		

			Password, or rather passphrase, is the most commonly used type of key.
			Its usage is pretty obvious and does not need any explanation. The main problem with
			passwords derives from human imperfection – simple and short passwords are easy to guess;
			long and complex ones are easy to forget. There also are several less obvious pitfalls –
			check our article How to Choose a Good Password
			for a few tips.
		


	
		
Binary Key


		

			Ciphers can’t use textual passwords; a password first needs to be converted to a binary
			form (which is called hash or digest). It seems logical to skip the conversion
			step, i.e. to produce a binary code and use it directly as a key.
		


		

			Kryptel and Silver Key packages include a small program that generates a unique binary
			value and stores it in a file. The user can then copy the key file to a flash stick and
			insert the stick instead of typing a password.
		


		

			Binary keys are strong, reliable, and very easy to use. The bad side is that a binary key
			is also very easy to steal – copying its tiny file will take just a couple of seconds.
		


		

			See also Binary Key Primer.
		


	
		
Yubikey


		

			Yubikey is a specialized USB device looking as an ordinary flash stick. It in fact is
			an improved version of binary key, which can’t be copied (but can still be stolen).
			There also is a disadvantage – Yubico asks $20 for the basic Yubikey model. See
			What Is Yubikey for more information on Yubikeys.
		


	



	

	
		
Complex Keys


	
		
Composite Key


		

			Composite key, as its name implies, is composed of two or more simple keys. In order
			to access the data the user must provide all the parts of the composite key.
		


		

			While it may look as a needless complication, it is not. Adding a password to
			a binary key or to a Yubikey will minimize damage if the key gets stolen or lost.
		


		

			Kryptel and Silver Key password dialog directly supports only two simple forms of
			composites: password + binary key and
			password + Yubikey. With Password Manager
			you can create any kind of composites consisting of any number of simple keys.
		


	
		
Key Group


		

			Similar to composite key, key group consists of several simpler keys. In order to
			access the data the user must provide any one of the component keys (compare to
			composite key where the user must provide all the components).
		


		

			Key group is especially useful in a situation where different subkeys have
			different access rights. For example,
		

		
		
    
		    
  • John’s password allows creation of a new encrypted container and adding
		    files to it, but does not give the right to look inside it,
    • 
		    
		    
  • Susan can browse and decrypt data but can’t encrypt,
    • 
		    
		    
  • Kevin has full access.
    • 
		


		

			Key group may include any number of simple keys and composite keys, but not
			another key group.
		


		

			See also: Password Manager.