Question

I have been thinking lately about shoring up my security when using my Android. There are gpg apps available and actually I have two installed, but I am way wary about storing my main private key on the phone so I can decrypt emails encrypted with my key. I use this key extensively on my main pc for storing files securely and do not want to compromise its privacy unnecessarily.

So I thought perhaps it is best if I generate a new key pair for use exclusively on my Android, and have that private key stored on the phone, which, if ever accessed by someone, say if the phone was misplaced or stolen, would suck but would not be nearly as big a security compromise as if it were my main gpg private key on the phone.

I write a lot of notes for myself while on the go on my Android, which I then email to myself using K-9mail. So if I used the new (non-main) public key to encrypt the notes before emailing them, then I could access them both on my main pc at home as well as on my Android pulling the gpg'd attachments off the webmail server.

The reasoning seems logical to me, but not being a GnuPG guru I thought I would just see if it made sense to anyone else better versed in the technology. Or perhaps there is a better solution?


Solution

In the end you've got two options:

  1. Using subkeys is principally the more elegant solution, but nearly all OpenPGP clients lack the ability to select which subkey to encrypt to (the more secure "desktop" subkey, or the less secure "mobile" subkey). Also think about how to make others use the right subkeys (usually, clients select the newest one).
  2. Using a separate key is the pragmatic workaround to this.

In both cases, you've got two possibilities: copying the private (sub)key to both devices (desktop and mobile) or keeping separate (sub)keys, but encrypting to both of them.
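The subkey approach from the answer, worked through end to end with GnuPG's command line as an added example (this script is not part of the original answer). It builds one key with a "desktop" and a "mobile" encryption subkey, copies only the mobile subkey's secret part into a second keyring that stands in for the phone, and uses the `!` suffix on a key ID, which GnuPG honours to pin encryption to exactly that subkey rather than the newest one. The user ID, the temporary keyring paths and the note text are constructed for the demo; the separate-key variant from point 2 differs only in generating a second key and listing both with `-r`.

```shell
#!/bin/sh
# Added example, not from the original post: one OpenPGP key with two
# encryption subkeys ("desktop" and "mobile").  Only the mobile subkey's
# secret part is copied to the phone's keyring.  User ID, paths and the
# note text are constructed for the demo.
set -eu

# Non-interactive and passphrase-less for the demo only; a real mobile
# subkey should still be protected by a passphrase or the app's keystore.
GPG="gpg --batch --quiet --no-tty --pinentry-mode loopback --passphrase"

# Long key IDs of all encryption subkeys in a keyring, in creation order.
enc_subkey_ids() {
  gpg --homedir "$1" --batch --with-colons --list-keys 2>/dev/null \
    | awk -F: '$1 == "sub" { print $5 }'
}

demo_subkeys() {
  work=$(mktemp -d)
  desk="$work/desktop"; mob="$work/mobile"
  mkdir -m 700 "$desk" "$mob"

  # 1. Desktop: primary key (certify+sign) plus the default encryption subkey.
  $GPG '' --homedir "$desk" --quick-generate-key \
      'Demo User <demo@example.invalid>' default default never
  fpr=$(gpg --homedir "$desk" --batch --with-colons --list-keys \
        | awk -F: '$1 == "fpr" { print $10; exit }')

  # 2. Add a second encryption subkey intended for the phone.
  $GPG '' --homedir "$desk" --quick-add-key "$fpr"

  set -- $(enc_subkey_ids "$desk")
  desktop_sub=$1; mobile_sub=$2

  # 3. Copy only the mobile subkey to the phone; the primary goes along as
  #    a stub without its secret part.
  $GPG '' --homedir "$desk" --export-secret-subkeys "${mobile_sub}!" > "$work/mobile.sec"
  $GPG '' --homedir "$mob" --import "$work/mobile.sec"

  # 4. Encrypt a note to the mobile subkey only, to the desktop subkey only,
  #    and to both.  The trailing "!" pins the exact subkey.
  printf 'grocery list: eggs, milk' > "$work/note.txt"
  gpg --homedir "$desk" --batch --quiet --trust-model always \
      -r "${mobile_sub}!" --encrypt --output "$work/note.mobile.gpg" "$work/note.txt"
  gpg --homedir "$desk" --batch --quiet --trust-model always \
      -r "${desktop_sub}!" --encrypt --output "$work/note.desktop.gpg" "$work/note.txt"
  gpg --homedir "$desk" --batch --quiet --trust-model always \
      -r "${desktop_sub}!" -r "${mobile_sub}!" --encrypt \
      --output "$work/note.both.gpg" "$work/note.txt"

  # 5. The phone can open the mobile-only and the both-recipients copies ...
  $GPG '' --homedir "$mob" --decrypt "$work/note.mobile.gpg" 2>/dev/null
  echo
  $GPG '' --homedir "$mob" --decrypt "$work/note.both.gpg" 2>/dev/null
  echo
  # ... but holds no secret for the desktop subkey, so that copy stays sealed.
  if $GPG '' --homedir "$mob" --decrypt "$work/note.desktop.gpg" >/dev/null 2>&1; then
    echo "UNEXPECTED: phone decrypted desktop-only note"
  else
    echo "phone cannot decrypt desktop-only note"
  fi

  # Stop the per-keyring agents and remove the temporary keyrings.
  gpgconf --homedir "$desk" --kill gpg-agent
  gpgconf --homedir "$mob" --kill gpg-agent
  rm -rf "$work"
}

if command -v gpg >/dev/null 2>&1; then
  demo_subkeys
else
  echo "gpg not installed" >&2
fi
```

The middle ciphertext is the "keep separate subkeys but encrypt to both" option: the desktop and the phone each decrypt it with their own subkey, and losing the phone exposes only the mobile subkey, which can then be revoked from the desktop without touching the primary key.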

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow