/d/Tails

Is it normal for my private PGP key to be different every time I export??

by /u/Slyvestertheboy · 0 votes · 2020-04-18 15:05:00

Deep noob question here, but if I go GnuPG keys -> my personal PGP key pair -> properties -> export -> Ctrl+C/Ctrl+V into the text editor, every time it's different after the first few lines. How can it be "my" key if it changes? This might be totally normal haha, I've just never seen it mentioned anywhere.

Edit: Just want to clarify that the first 12 lines are the same, and all the lines after are different.

Comments (1)
/u/[deleted] · N/A votes · 19th April, 2020 - 18:38 · Link

Mine are different too, so it seems to be normal. PGP is asymmetric cryptography. The same goes for Monero receiving subaddresses. They can be different but still point to the same "real" address because they are cryptographically derived out of the main address. And I assume that's happening too when you export your PGP PrivateKey. You never know your "real" key because all of them are "real" and you just get shown the one which was just now cryptographically derived (out of your password, for example, maybe ...). Could someone who knows a lot more than I do maybe confirm my guess, /u/mr_white ;)

/u/[deleted] · N/A votes · 20th April, 2020 - 08:25 · Link

Well, I'm not a cryptographer by any means, but modern (and not only) ciphers have to make sure that if you encrypt the same plaintext several times, the ciphertext is different. With PGP, relying only on the "public key text" is stupid (I discovered it the hard way) as the output can and will be different; fingerprints are the way to go. I suppose the same goes for the exported private keys. Besides, exporting a private key usually requires that it's encrypted by a passphrase, so here we go.

/u/[deleted] · N/A votes · 21st April, 2020 - 23:28 · Link

I read about it a bit, and as far as I understand, it seems the private parameters of a PrivateKey are encrypted with a key derived from the password + a randomly generated 8-byte salt, to make brute-force attempts on the password more difficult. The chosen cipher will also have some randomness. https://security.stackexchange.com/questions/213064/gpg-every-private-key-export-of-the-same-key-pair-is-different So it makes sense that the PublicKey and the PrivateKey and the result will be different whenever you look, and the password (of course) and the fingerprint will stay the same.
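
The salted key derivation described in the last comment, as an added example that is not part of the thread and not GnuPG's own code: it implements the iterated and salted string-to-key function from RFC 4880 and the v4 fingerprint calculation, and shows that a fresh 8-byte salt changes the protection key on every export while the fingerprint, computed only from public-key material, does not move. The passphrase, the count octet `0x60`, the choice of SHA-256 and the public-key bytes are assumptions constructed for illustration; the cipher's own random IV is not modelled.

```python
import hashlib
import os
import struct

def s2k_count(coded: int) -> int:
    """Decode the one-octet S2K count (RFC 4880, section 3.7.1.3)."""
    return (16 + (coded & 15)) << ((coded >> 4) + 6)

def s2k_iterated_salted(passphrase: bytes, salt: bytes, coded: int,
                        key_len: int, hash_name: str = "sha256") -> bytes:
    """Iterated and salted S2K: hash salt+passphrase repeated up to `count` octets."""
    if len(salt) != 8:
        raise ValueError("OpenPGP S2K salt is exactly 8 octets")
    block = salt + passphrase
    count = max(s2k_count(coded), len(block))  # always hash the block at least once
    full, rem = divmod(count, len(block))
    data = block * full + block[:rem]
    key, zeros = b"", 0
    while len(key) < key_len:  # extra hash contexts are preloaded with 0x00 octets
        key += hashlib.new(hash_name, b"\x00" * zeros + data).digest()
        zeros += 1
    return key[:key_len]

def v4_fingerprint(pubkey_body: bytes) -> str:
    """V4 fingerprint: SHA-1 over 0x99, 2-octet length, public-key packet body."""
    header = b"\x99" + struct.pack(">H", len(pubkey_body))
    return hashlib.sha1(header + pubkey_body).hexdigest().upper()

def export_once(passphrase: bytes, coded: int = 0x60):
    """Model one export: a fresh random salt yields a fresh protection key."""
    salt = os.urandom(8)
    return salt, s2k_iterated_salted(passphrase, salt, coded, 32)

# Constructed public-key packet body (version 4, timestamp, algorithm 1, filler
# bytes standing in for the key's MPIs). Not a real key.
CONSTRUCTED_PUBKEY_BODY = b"\x04" + struct.pack(">I", 1587222300) + b"\x01" + bytes(range(64))

if __name__ == "__main__":
    passphrase = b"correct horse battery staple"  # constructed passphrase
    for n in (1, 2):
        salt, key = export_once(passphrase)
        print(f"export {n}: salt={salt.hex()} key={key.hex()[:16]}... "
              f"fpr={v4_fingerprint(CONSTRUCTED_PUBKEY_BODY)}")
        # The salt travels inside the export, so the passphrase re-derives the key.
        assert s2k_iterated_salted(passphrase, salt, 0x60, 32) == key
```

To compare two real exports, compare the fingerprints that `gpg --show-keys` (or an import) reports rather than the armored text.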