On 7/24/2012 10:21 PM, Faramir wrote: > Clearly I'm out of my league there. I had heard about that, but later > I also heard about stacking different algos (with different keys of > course) to increase security.
I'm unaware of any reputable reference that recommends this practice. That's not to say no such reference exists, only that if one exists I'm unaware of it. > Anyway, do you know about any list of "compatible" encryption > algorithms? I mean, pairs that work well together. The better question, to me at least, is "why would I want to do this?" Cryptosystems tend to fail predominantly due to human error, then to software bugs. Consider that since PGP 2.6 was released in ... what was it, '91? ... not one single encryption algorithm used by PGP has ever been broken. Although IDEA is not well-regarded by modern standards it's still a safe cipher; and RSA is still, well, RSA. If the algorithms are unlikely to be broken but the likelihood of security-impacting software bugs is essentially certain, then stacking algorithms would seem to be ill-advised. Stacking algorithms increases the complexity of the code, increases the number of keys which must be managed, and so forth. Rather than enhancing security, my suspicion would be that it diminishes it by increasing the complexity of the system. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users