David Shaw dshaw at jabberwocky.com wrote on Wed Sep 17 18:21:42 CEST 2008 :
>I think you're confusing the notion of the "default" algorithm with >the "preferred" algorithm. The default algorithm in OpenPGP is 3DES. why then, if there are no preferences used, or listed in the gpg.conf file, does gnupg use CAST-5 instead of 3DES 'by default' for symmetric encryption when no key is used. =====[example]===== c:\gnupg>gpg -c c:\t.txt gpg: using cipher CAST5 gpg: writing to `c:\t.txt.gpg' =====[example]===== also, by when gnupg generates a new key, even though the top of the key's preferences is AES, the cipher which protects the secret key, is still CAST-5 and not 3DES theoretically, if there were a new minimalist 'open pgp implementation' that used only 3DES as its encryption algorithm, and gnupg send a symmetrically encypted message, then 'by gnupg default settings' it would be incompatible. (some people actually do send conventionally encrypted messages to users they know personally, ;-) e.g. "great to hear that you're using an open-pgp program, i'll be sending you my public key in an encrypted message that only needs a passphrase, i wrote it down for you, here, then send me a reply that is encrypted to my key" theoretically, also if someone wanted to use this new program that had only 3DES, and tried to import a keypair made with the default setting in gnupg, it wouldn't be usable, because the secret key is, 'by default' protected with CAST-5, not 3DES vedaal any ads or links below this message are added by hushmail without my endorsement or awareness of the nature of the link -- Cut strokes from your golf game. Click here to learn how to improve your swing. http://tagline.hushmail.com/fc/Ioyw6h4dqsuMNEpBOQi2OQXf1pnUxciPh4GA6nP0WmjxQypzg97CAv/ _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users