[OPSEC/Computer] Update PGP regularly

Regular PGP updates dramatically increase OPSEC by confounding decryption. 300 messages with 5, 10, or 50 different PGP keys, all with high levels of encryption (>2kbit). If you don't change your PGP at least every 6 months, then you're giving your adversaries a permanent solution to your cipher. Besides, when you delete an old key, it's gone from your computer forever!

Stagnant encryption sinks ships. Don't get stuck in the doldrums!


Comments


[3 Points] lamarrotems:

I don't understand this (I don't have the technical knowledge). How could using the same PGP key for a long time give "adversaries" a way to decrypt messages and such?

I am honestly asking, not questioning, doubting, etc.


[1 Points] The_fire_bird:

It helps to use different subkeys for that too, since the encryption capability needs to be (or at least, really really really should be) cycled much more frequently than the signing capability (unless of course you sign everything in which case it needs changing just as frequently as the encryption part).

If your master key is only used for signing, and you don't sign very often, then the key can quite safely live for a very long time, with lots of rapidly expiring subkeys (which are used for encryption).
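
One way to check a keyring against the layout described in the comment above (signing-only primary key, short-lived encryption subkeys) and the post's six-month interval, as an added example that is not part of the original thread. It parses `gpg --list-keys --with-colons` output; the sample listing, key IDs and the `audit` function name are constructed for illustration, and 183 days stands in for six months.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample of `gpg --list-keys --with-colons` output (not a real key;
# trailing fields trimmed). Field 6 = creation, 7 = expiry, 12 = capabilities.
SAMPLE = """\
pub:u:4096:1:AAAAAAAAAAAAAAAA:1577836800:::u:::scSC:
sub:e:4096:1:BBBBBBBBBBBBBBBB:1577836800:1593561600:::::e:
sub:u:4096:1:CCCCCCCCCCCCCCCC:1700000000:1715000000:::::e:
sub:u:4096:1:DDDDDDDDDDDDDDDD:1700000000::::::e:
"""

def audit(listing, now, max_age=timedelta(days=183)):
    """Return (keyid, finding) pairs for encryption-capable keys that break the policy."""
    findings = []
    for line in listing.splitlines():
        f = line.split(":")
        if f[0] not in ("pub", "sub") or len(f) < 12:
            continue
        keyid, caps = f[4], f[11]
        # Lowercase letters are this key's own capabilities; uppercase letters
        # on a pub record summarise the whole key and are ignored here.
        if "e" not in caps:
            continue
        # Assumes epoch-second timestamps, as current gpg emits.
        created = datetime.fromtimestamp(int(f[5]), timezone.utc)
        expires = datetime.fromtimestamp(int(f[6]), timezone.utc) if f[6] else None
        if f[0] == "pub":
            findings.append((keyid, "primary key is used for encryption"))
        if expires is None:
            findings.append((keyid, "no expiry set"))
        elif expires <= now:
            findings.append((keyid, "expired"))
        elif now - created > max_age:
            findings.append((keyid, "older than rotation window"))
    return findings

if __name__ == "__main__":
    for keyid, finding in audit(SAMPLE, datetime(2024, 3, 1, tzinfo=timezone.utc)):
        print(keyid, finding)
```
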


[0 Points] None:

thanks a lot, good point


[0 Points] fuzzyparasite:

Good point. I like to think of it like German Enigma keys changing at midnight. - The Imitation Game -