paperkey
Create a paper backup of GPG keys
TLDR
Take a specific secret key and generate a text file with the secret data
Take the secret key data in secret_data.txt and combine it with the public key to reconstruct the secret key
Export a specific secret key and generate a text file with the secret data
SYNOPSIS
paperkey [options] <exported-private-key-file>
paperkey --decode [options]
paperkey --decode [options] --filename <paperkey-output-file>
PARAMETERS
--decode
Reconstructs an OpenPGP secret key from previously generated paperkey output.
--output <filename>, -o <filename>
Specifies the file to which the generated paperkey output will be written. If omitted, output goes to standard output.
--filename <filename>
Specifies the input file to read from when using --decode. If omitted, --decode reads from standard input.
--comment <text>
Adds a custom comment string to the beginning of the generated paperkey output.
--qr
Generates the paperkey output as a series of QR codes. This is the default output format.
--hex
Generates the paperkey output as hexadecimal digits.
--base64
Generates the paperkey output as Base64 encoded data.
--bits <N>
Specifies the number of bits encoded per output "character". Useful for adjusting the density of hex output.
--no-meta
Excludes metadata (like key ID and creation date) from the paperkey output.
--no-compress
Prevents compression of the key material before encoding. This results in larger output.
--version
Displays the paperkey version information.
--help
Displays a summary of command-line options.
DESCRIPTION
paperkey is a command-line utility designed to create a secure, printable backup of an OpenPGP secret key. It encodes the key material into a compact format, either human-readable or machine-readable (such as QR codes), suitable for printing on paper. This provides an essential offline archival method, safeguarding sensitive cryptographic keys from digital threats such as compromise or data corruption.
The tool supports various output formats, including QR codes for optical scanning, hexadecimal digits, and Base64 encoding. While not a direct key recovery tool, paperkey generates an intermediate representation that can be decoded back into a GnuPG-compatible secret key using the paperkey --decode option. It is particularly valuable for backing up master OpenPGP keys or revocation certificates, which are critical for long-term key management and disaster recovery. Storing a physical copy in a secure location offers a robust alternative to purely digital backups.
CAVEATS
The security of a key backed up with paperkey depends entirely on the physical security of the printed copy. It is vulnerable to theft, damage (e.g., fire, water), or simple loss.
Using paperkey implies trust in the printer; ensure the printer does not retain a copy of the sensitive data in its memory.
This tool is generally suited for long-term archival of master OpenPGP keys or revocation certificates, not for keys in active, frequent use.
The output is an encoded blob, not a directly readable private key. Recovery requires the paperkey utility itself.
SECURITY CONSIDERATIONS
The primary security concern with paperkey output is its physical storage. Store the printed key in a highly secure, fireproof, and waterproof location, preferably in multiple geographically separated locations. Always use a trusted printer that does not retain memory of print jobs. Consider performing a test recovery to ensure the process works before relying solely on the paper backup. The generated output is a compressed, encoded representation, not a human-readable private key, thus providing a layer of obscurity, but not encryption.
TYPICAL WORKFLOW
1. Export the private key: First, export the secret key you wish to back up from GnuPG to the file used in the next step: gpg --export-secret-keys <key-id> > mykey.gpg
2. Generate paperkey output: Convert the exported key to a printable format. For QR codes: paperkey --qr mykey.gpg > mykey_paper.txt. For hexadecimal: paperkey --hex mykey.gpg > mykey_hex.txt.
3. Print the output: Print mykey_paper.txt or mykey_hex.txt using a trusted printer.
4. Verify recovery (recommended): To confirm the backup is valid, decode it back into a GnuPG key file: paperkey --decode < mykey_paper.txt > recovered_mykey.gpg. You can then attempt to import this recovered key into a test GnuPG keyring: gpg --import recovered_mykey.gpg.
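The description above says the backup is an intermediate representation that is recombined with the public key, and step 4 recommends a test recovery before trusting the paper copy. The Python below is an added, self-contained model of that idea; it is not paperkey's own code and not its on-paper file format. It walks an OpenPGP packet stream, strips the public portion out of each secret-key packet (keeping only what follows the public MPIs), tags each secret portion with the v4 fingerprint so it can be matched back to its public packet, and then reverses the process and checks that the round trip is byte-exact. Packet framing, MPI layout and the v4 fingerprint follow RFC 4880; the fingerprint-keyed pairing is a simplification, and the toy RSA parameters are constructed and not a usable key.

```python
"""Model of a paperkey-style split and recovery (added example, simplified)."""
import hashlib
import struct

# --- OpenPGP packet framing (RFC 4880 section 4.2) --------------------------

def read_packet(buf, pos=0):
    """Parse the packet at buf[pos]; return (tag, body, next_pos)."""
    ctb = buf[pos]
    if not ctb & 0x80:
        raise ValueError("not an OpenPGP packet header")
    if ctb & 0x40:                                  # new-format header
        tag, first = ctb & 0x3F, buf[pos + 1]
        if first < 192:
            length, hdr = first, 2
        elif first < 224:
            length, hdr = ((first - 192) << 8) + buf[pos + 2] + 192, 3
        elif first == 255:
            length, hdr = struct.unpack(">I", buf[pos + 2:pos + 6])[0], 6
        else:
            raise ValueError("partial body lengths are not handled here")
    else:                                           # old-format header
        tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length is not handled here")
        n = 1 << ltype
        length, hdr = int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), 1 + n
    body = bytes(buf[pos + hdr:pos + hdr + length])
    if len(body) != length:
        raise ValueError("truncated packet")
    return tag, body, pos + hdr + length

def packets(buf):
    pos = 0
    while pos < len(buf):
        tag, body, pos = read_packet(buf, pos)
        yield tag, body

def encode_packet(tag, body):
    """Serialise one packet with a new-format header."""
    n = len(body)
    if n < 192:
        ln = bytes([n])
    elif n < 8384:
        ln = bytes([((n - 192) >> 8) + 192, (n - 192) & 0xFF])
    else:
        ln = b"\xff" + struct.pack(">I", n)
    return bytes([0xC0 | tag]) + ln + body

# --- Key packet layout (v4, RFC 4880 section 5.5) ---------------------------

PUBLIC_MPIS = {1: 2, 2: 2, 3: 2, 16: 3, 17: 4}    # RSA variants, Elgamal, DSA

def public_length(body):
    """Offset in a v4 key packet body where the secret portion begins."""
    if body[0] != 4:
        raise ValueError("only v4 key packets are handled")
    pos = 6                                         # version, time, algorithm
    for _ in range(PUBLIC_MPIS[body[5]]):
        bits = int.from_bytes(body[pos:pos + 2], "big")
        pos += 2 + (bits + 7) // 8
    return pos

def fingerprint(pub_body):
    """v4 fingerprint: SHA-1 over 0x99, two-byte length, public key body."""
    return hashlib.sha1(b"\x99" + len(pub_body).to_bytes(2, "big") + pub_body).digest()

def is_passphrase_protected(secret):
    """S2K usage octet 0 means the secret MPIs are stored in the clear."""
    return secret[0] != 0

# --- Split (what goes on paper) and merge (recovery) -------------------------

def split_secret_key(blob):
    """Return (public-only packet stream, [(fingerprint, secret_portion), ...])."""
    public, secrets = bytearray(), []
    for tag, body in packets(blob):
        if tag in (5, 7):                           # secret key / secret subkey
            n = public_length(body)
            secrets.append((fingerprint(body[:n]), body[n:]))
            public += encode_packet(6 if tag == 5 else 14, body[:n])
        else:
            public += encode_packet(tag, body)
    return bytes(public), secrets

def merge_secret_key(public, secrets):
    """Rebuild the secret key from the public key plus the saved secret portions."""
    by_fpr, out = dict(secrets), bytearray()
    for tag, body in packets(public):
        secret = by_fpr.get(fingerprint(body)) if tag in (6, 14) else None
        if secret is not None:
            out += encode_packet(5 if tag == 6 else 7, body + secret)
        else:
            out += encode_packet(tag, body)
    return bytes(out)

# --- Constructed sample input (toy RSA numbers, not a usable key) -----------

def mpi(value):
    bits = value.bit_length()
    return bits.to_bytes(2, "big") + value.to_bytes((bits + 7) // 8, "big")

def sample_secret_key():
    p, q, e, d, u = 13, 17, 5, 29, 4                # e*d = 1 mod lcm(p-1, q-1)
    public = b"\x04" + (1700000000).to_bytes(4, "big") + b"\x01" + mpi(p * q) + mpi(e)
    secret_mpis = mpi(d) + mpi(p) + mpi(q) + mpi(u)
    checksum = (sum(secret_mpis) & 0xFFFF).to_bytes(2, "big")
    secret = b"\x00" + secret_mpis + checksum       # S2K usage 0: unencrypted
    return encode_packet(5, public + secret) + encode_packet(13, b"Toy Key <toy@example.org>")

if __name__ == "__main__":
    original = sample_secret_key()
    pub, secrets = split_secret_key(original)
    recovered = merge_secret_key(pub, secrets)
    print("secret bytes kept:", sum(len(s) for _, s in secrets), "of", len(original))
    print("round trip exact:", recovered == original)
```

Running the file performs the split and the test recovery on the toy key and reports whether the rebuilt key matches the original byte for byte, which is the check step 4 makes with gpg --import on the real tool. Note that the kept portion starts at the S2K usage octet: if the key was exported passphrase-protected, the extracted material is the still-encrypted MPIs and the passphrase is needed again after recovery, which is why the output counts as obscurity rather than encryption when the key was exported in the clear.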
HISTORY
paperkey was originally developed by David S. Miller (davem@davemloft.net) and Daniel J. Bernstein (djb@cr.yp.net). Its creation addresses the need for a robust, offline backup mechanism for cryptographic keys, specifically OpenPGP secret keys, to complement digital security measures. It provides a means to protect keys against purely digital attacks or data loss scenarios, making it a critical component in comprehensive key management strategies since its inception.