I agree with Seth Arnolds reply to this message and just have the following to add: One of the reasons that Phil Zimmerman left NAI is that they stopped releasing the source code for peer review though he did say that the current version, up until he left was still secure. To which I assume that he meant that the crypto routines were left untouched and it was just UI stuff that was modified.
Also GPG does not use patented algorithms such as IDEA and until recently RSA (1.06 includes it). It does include all the normal algorithms that one would expect: DES, 3DES, Blowfish, MD5, SHA-1, etc... which are all well understood algorithms so I would not worry too much about them. I can't comment on key generation since I do not know what either one uses but I do know that from a quick (very guick) survey of bug reports the key gerneration, handling was where most bugs were found, and not in the encryption algorithms. I don't know of any current GPG bugs. I have been doing some experiments between PGP and GPG and as far as I can tell messages can be transfered easily between the two systems (current versions at least). The only major difference I found between to two systesms is that PGP seems to have a more fleshed out key sharing system. PGP seems to be able to use x.509 (ldap) systems as well as HTP, email and FTP key server while GPG does not understand x.509. From a note I found on the GPG site (paraphrased, as I can't recall the exact wording) "...GPG and x.509 are competing standards..." so I would not expect it to support x.509 anytime in the near furture. There is something to be disscussed about the relative security arising from using x.509 or the "Web of Trust". i.e how do you trust the key you get off of a public key server? x.509 says trust the CA to have signed a proper key, while the "Web of Trust" says "I trust Dan, Dan trusts Sam, but, do I trust Dan enought to trust Sam?". This leaves an awful lot on the sholders of end user to get it right, but it does not rely on a central authority to be up and running all the time so it is more roubust. How x.509 works is an assumption on my part, I'm not an LDAP expert. If there are any experts out there that know different please chime in. My $.02 worth... Tom Arseneault Sys. Admin. GNAC Inc. P.S. <CYOA>Phil Zimmerman's note did not come right out and say that was a reason for his leaving NAI but he went to such great lengths to ensure you understood this point that it's an assumption on my part. If I'm wrong in my assumption please accept my apology to Phil and NAI</CYOA> On Sat, 12 Jan 2002, Robin Lynn Frank wrote: > Does anyone know of any definitive study of the relative security of > PGP6.5.8 vs. GnuPG 1.06 > -- > Robin Lynn Frank >