You've been using PGP wrong

Unless you have been using it right, in which case you can stop reading now.

TL;DR: Your master key should be airgapped. All your keys should expire. You should have revocation certificates in case you lose your master key. You should back it up safely so you don't lose it.

This post assumes you know what PGP is and have a rough understanding of how public key cryptography works. It is also based on this tutorial, which you should read for more details.

Quick PGP Refresher

To understand what we'll be working with, here are the core concepts that you should understand:

Airgapped Master Key

Most of the actions that you do with PGP only require subkeys. You only really need your master key when you want to add new subkeys or identities, or change something about the existing ones.

That means you can (and should) keep only your subkeys on your day-to-day devices, and access the master key only on a secure isolated offline device. Once you are done with your master key stuff, you just export everything except the master key itself to a removable storage device and import it on your other devices. That way, if one of your devices gets compromised you can just revoke the affected subkeys, while the master key remains secure.

If you haven't done this with your current key, you might want to consider retiring it and starting fresh, generating a new key from the airgapped system.

Example Setup

Use an old SBC or laptop that you have lying around, that will never be connected to a network ever again. Run a live OS on it. You will need a persistent partition for storing the private master key, which could be on a USB stick or on the device itself, as long as it stays offline. Export the subkeys to a different USB stick. You should make backups of the master key, but be sure to only access them from the airgapped system.

In Practice

Alright, that sounds fun, but how do you do it? I'm assuming you know how to create a PGP key, so go ahead and do that on your airgapped system. After that, you'll want to export only the subkeys, which can be done with the command:

gpg --export-secret-subkeys -o secret-subkeys.gpg

Then you move secret-subkeys.gpg to your USB stick and import it normally on your other devices. Also, you should re-export the public key whenever you change identities, expiration dates or anything else, since those changes only exist on the airgapped system until you distribute them.

Revocation Certificates

You should keep a few of these around in case you lose your master key. To generate them, run the following command from your airgapped system (replace $KEY with your actual key ID):

gpg --gen-revoke $KEY

In order to actually revoke the key, import the resulting certificate so that it is merged with your key. Then you need to publish it to a keyserver or share it in some other way so that people know it is revoked. Keep this certificate somewhere safe: anyone with access to it can revoke your master key.

Rotating Keys

Don't hold on to your subkeys for eternity. It is good practice to rotate them every once in a while. For that, set them to expire, and generate new ones to replace them once they're approaching EOL. The lifetime of your keys will depend on your threat model. Rotating them more frequently is better for security, but it is very inconvenient.

As for the master key, things get a bit more complicated. Rotating a master key would mean revoking it and starting the whole process from scratch, having to send it to everyone and rebuild trust each time. So if you are confident that your airgapped system is truly airgapped, and that the key is too strong to have been cracked since it was created, then it might be best to keep it around. Either way, you should also set an expiry date on it, and extend it when needed instead of rotating. This will ensure the key eventually expires if you lose it or die or something.
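Here is the whole workflow from the In Practice, Revocation Certificates and Rotating Keys sections run end to end as one added example (this script is not from the original post or the linked tutorial). It simulates the two machines with two throwaway GNUPGHOME directories: AIRGAP stands in for the offline box, LAPTOP for a day-to-day device. The name, address, key sizes and 1y/2y expiry values are made-up choices. Two deliberate departures from the post: the key is generated with an empty passphrase and loopback pinentry purely so it runs unattended (use a real passphrase on a real airgapped machine), and instead of the interactive gpg --gen-revoke it relies on the revocation certificate that gpg 2.1+ writes into openpgp-revocs.d/ automatically at key creation. The check a practitioner actually wants is step 6: after importing secret-subkeys.gpg, gpg -K on the laptop must show the primary key as sec# (a stub with no secret material).

```shell
#!/bin/sh
# Added example, not the post's own code. Demonstrates: certify-only master key,
# subkeys with their own expiry, revocation cert, exporting only the subkeys,
# verifying the master secret never reached the daily-use device, and extending
# the master key's expiry instead of rotating it.
# Returns 0 on success, 1 on a failed check, 2 if gpg is not installed.
demo_airgapped_workflow() {
    work="$1"
    command -v gpg >/dev/null 2>&1 || { echo "gpg not installed, skipping"; return 2; }
    AIRGAP="$work/airgap"; LAPTOP="$work/laptop"
    mkdir -p "$AIRGAP" "$LAPTOP" && chmod 700 "$AIRGAP" "$LAPTOP"

    # Empty passphrase + loopback pinentry ONLY so this runs unattended (assumption
    # for the demo); on a real airgapped box use a strong passphrase.
    agpg() { GNUPGHOME="$AIRGAP" gpg --batch --yes --pinentry-mode loopback --passphrase '' "$@"; }
    lgpg() { GNUPGHOME="$LAPTOP" gpg --batch --yes "$@"; }

    # 1. Master key, certify-only: it signs subkeys and identities and nothing else.
    #    Identity is a constructed placeholder.
    agpg --quick-generate-key 'Example User <user@example.invalid>' rsa3072 cert 1y || return 1
    FPR=$(agpg --with-colons --list-secret-keys | awk -F: '$1=="fpr"{print $10; exit}')
    [ -n "$FPR" ] || { echo "could not read fingerprint"; return 1; }

    # 2. Daily-use subkeys, each with its own expiry so they can be rotated.
    agpg --quick-add-key "$FPR" rsa3072 sign 1y || return 1
    agpg --quick-add-key "$FPR" rsa3072 encr 1y || return 1
    agpg --quick-add-key "$FPR" rsa3072 auth 1y || return 1

    # 3. Revocation certificate. gpg 2.1+ writes one at creation time (its first
    #    line starts with ':' so it cannot be imported by accident). Keep copies
    #    off the airgapped machine, as the post says.
    REV="$AIRGAP/openpgp-revocs.d/$FPR.rev"
    [ -f "$REV" ] || { echo "no revocation certificate found"; return 1; }
    cp "$REV" "$work/revocation-cert.asc"

    # 4. What goes on the USB stick: secret subkeys plus the public key. The
    #    master secret key is never exported.
    agpg --export-secret-subkeys -o "$work/secret-subkeys.gpg" "$FPR" || return 1
    agpg --export -o "$work/public.gpg" "$FPR" || return 1

    # 5. Daily-use device imports the stick.
    lgpg --import "$work/secret-subkeys.gpg" || return 1

    # 6. The check: 'sec#' means the primary secret key is a stub only, while the
    #    airgapped side still lists it as 'sec '.
    lgpg --list-secret-keys "$FPR" | grep -q '^sec#' || { echo "master key leaked to laptop"; return 1; }
    GNUPGHOME="$AIRGAP" gpg --list-secret-keys "$FPR" | grep -q '^sec ' || return 1

    # 7. Rotation of the master key means extending its expiry, not replacing it.
    #    Colon field 7 of the 'pub' record is the expiry as epoch seconds.
    before=$(agpg --with-colons --list-keys "$FPR" | awk -F: '$1=="pub"{print $7}')
    agpg --quick-set-expire "$FPR" 2y || return 1
    after=$(agpg --with-colons --list-keys "$FPR" | awk -F: '$1=="pub"{print $7}')
    [ "$after" -gt "$before" ] || { echo "expiry not extended"; return 1; }
    # The change only exists on the airgapped side until the public key is
    # re-exported and distributed; the laptop picks it up by importing it.
    agpg --export -o "$work/public.gpg" "$FPR" || return 1
    lgpg --import "$work/public.gpg" || return 1
    lgpg --with-colons --list-keys "$FPR" | awk -F: -v want="$after" '$1=="pub"{exit ($7==want)?0:1}' || return 1

    # Stop the per-homedir agents so the temp dirs can be removed cleanly.
    GNUPGHOME="$AIRGAP" gpgconf --kill gpg-agent 2>/dev/null
    GNUPGHOME="$LAPTOP" gpgconf --kill gpg-agent 2>/dev/null
    echo "ok: master $FPR stays on the airgapped side; laptop holds subkeys only"
    return 0
}
```

Source the file and call demo_airgapped_workflow "$(mktemp -d)"; the work directory afterwards holds secret-subkeys.gpg and public.gpg (what goes on the USB stick) and revocation-cert.asc (what goes into your safe). Rotating a subkey follows the same shape as steps 2, 4 and 5: quick-add-key a replacement on the airgapped side, re-export, re-import.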

Conclusion

Airgapping your master key greatly increases security, at the cost of having to boot into the airgapped system every now and then to edit and export stuff. I hope this made you rethink your PGP OPSEC. Read the linked tutorial if you want an actual step-by-step guide.