Re: hashed user IDs [was: Re: Security of the gpg private keyring?]
If one really wanted to overthrow the People's Republic of Berkeley, using obfuscated e-mail addresses with the proposed methods outlined in this thread would be akin to inventing a solution for a problem that doesn't exist. There are already numerous methods for off-the-record encrypted communications. Indeed, OTR was to devised as a protocol that allows encrypted and authenticated communications without having to be a slave to an interminable digital signature that might come back to haunt you. As for remaining anonymous, one can merely connect to the IM server via Tor or some other similar method. Or one could even run their own P2P IM software like XMPP thus cutting out the middle man. Another option is a hidden .onion IRC service or a SILC chat conference. If one is really bent on using e-mail, one can merely create a throw-away address using Tor and then create a throw-away GPG key. There are numerous ways to do this already. OpenPGP's goal is not anonymity or deniability. If you want that, there's better protocols and methods as Robert Hansen has hinted at already. -- View this message in context: http://old.nabble.com/Security-of-the-gpg-private-keyring--tp31031263p31114600.html Sent from the GnuPG - User mailing list archive at Nabble.com. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Default hash
I believe that within the next five years someone will discover an academic attack against Rijndael. I do not believe that anyone will ever discover an attack that will allow someone to read Rijndael traffic. So while I have serious academic reservations about Rijndael, I do not have any engineering reservations about Rijndael. -- Bruce Schneier, Cryptogram Newsletter, October, 2000. From Schneier/Ferguson's 2003 book, Practical Cryptography: We don't quite trust the security...No other block cipher we know of has such a simple algebraic representation. We have no idea whether this leads to an attack or not, but not knowing is reason enough to be skeptical about the use of AES. However, even though he has reservations about Rijndael, he has said publicly numerous times that he prefers everyone to use AES instead of the other finalists, no doubt because it has had undeniably more analysis thrown its way. -- View this message in context: http://old.nabble.com/Default-hash-tp31002378p31033879.html Sent from the GnuPG - User mailing list archive at Nabble.com. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
GPG.conf Cipher Preference
I am trying to get gpg to encrypt files with a certain cipher preference. I am using Gentoo Linux, btw. I have my gpg.conf set-up like so: default-preference-list S10 S9 S8 S4 S2 S7 S3 H10 H9 H8 H11 H3 H2 H1 personal-cipher-preferences S10 S9 S8 S4 S2 S7 S3 personal-digest-preferences H10 H9 H8 H11 H3 H2 H1 personal-compress-preferences Z3 Z1 Z2 I am using a DSA2 (3072 bit) pub key along with an Elgamal sub-key (4096). My problem: Whenever I encrypt a file it always uses 3DES. I have noticed that I can change the order of 3DES and CAST5 and it will encrypt with whichever comes first. However, it totally ignores TWOFISH, AES(all of them) and BLOWFISH, even if they come in front of 3DES and CAST5. I have already checked and I have all of the above algorithms compiled into my kernel. Now, if I add: cipher-algo TWOFISH it WILL use TWOFISH to encrypt files. So, my question is, if I use this flag to always make it encrypt with TWOFISH, will that allow me to communicate with those who are not using TWOFISH on their machine? Can I add more than one cipher to the --cipher-algo flag? What is the difference in cipher-preferences and cipher-algo? I take it that cipher-algo only allows one cipher, thus my question. Thanks in advance. -- View this message in context: http://www.nabble.com/GPG.conf-Cipher-Preference-tp20413592p20413592.html Sent from the GnuPG - User mailing list archive at Nabble.com. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: GPG.conf Cipher Preference
Hmmm. I figured it out just after I posted this. It's odd. I went and uncommented the cipher-algo flag, then suddenly it started encrypting in the order I had them set in the cipher-preferences flag. It wasn't doing this before. It was only after I added cipher-algo and then removed it that it worked. -- View this message in context: http://www.nabble.com/GPG.conf-Cipher-Preference-tp20413592p20413639.html Sent from the GnuPG - User mailing list archive at Nabble.com. ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users