Re: Who protects the private key (was: Changing the encryption algorithm used for PGP/GPG private key)

2022-02-24 Thread Bernhard Reiter
Am Sonntag 20 Februar 2022 09:30:36 schrieb Daniel Colquitt via Gnupg-users: > I agree with you, and Robert Hansen above, insofar as there is no practical > weakness in using SHA-1 as part of a key derivation algorithm. (for protecting exported private keys) > Nevertheless it does seem imprudent

Re: Who protects the private key (was: Changing the encryption algorithm used for PGP/GPG private key)

2022-02-20 Thread Robert J. Hansen via Gnupg-users
ifying alternative algorithms for the internal storage and exporting of private keys. I now understand that it is not possible for the user to alter the encryption algorithm used by gpg-agent to secure private keys. Perhaps it would be a good idea to say this explicitly in a documentation? I ap

RE: Who protects the private key (was: Changing the encryption algorithm used for PGP/GPG private key)

2022-02-20 Thread Daniel Colquitt via Gnupg-users
> Has it really been that long? ... No, it has not been: a free-start collision was > found on the SHA-1 compression function in 2015, less than > 7 years ago. > > As far as I know, a single collision pair ("SHAttered") has been produced, > using about 9 months on a very large cluster, against the

Re: Who protects the private key (was: Changing the encryption algorithm used for PGP/GPG private key)

2022-02-19 Thread Jacob Bachmeyer via Gnupg-users
Daniel Colquitt via Gnupg-users wrote: Whilst AES128 is probably okay for now, SHA1 has been broken for well over 15 years. Has it really been that long? ... No, it has not been: a free-start collision was found on the SHA-1 compression function in 2015, less than 7 years ago. As far as I

Re: Who protects the private key (was: Changing the encryption algorithm used for PGP/GPG private key)

2022-02-19 Thread Daniel Colquitt via Gnupg-users
ith AES128 and SHA1 is used. Whilst AES128 is probably okay for now, SHA1 has been broken for well over 15 years. Hence, my question about specifying alternative algorithms for the internal storage and exporting of private keys. I now understand that it is not possible for the user to alter the encryp

Who protects the private key (was: Changing the encryption algorithm used for PGP/GPG private key)

2022-02-19 Thread Werner Koch via Gnupg-users
On Fri, 18 Feb 2022 13:08, Daniel Colquitt said: > Is the suggestion the gpg does not respect these flags when applying > symmetric encryption to keys? gpg does not encrypt private keys. This is done by gpg-agent. The method how the keys are protected internally are out of scope for OpenPGP. S

Re: Changing the encryption algorithm used for PGP/GPG private key

2022-02-19 Thread Daniel Colquitt via Gnupg-users
Hi Vedaal, > Try this: > In gpg.conf file add the option of > --expert > and in personal preferences, list only AES 256, > Not the other strengths. > Keep all of the s2k options you listed, and try generating a new key again > Vedaal Many thanks for the suggestion, but I’m afraid that this stil

RE: Changing the encryption algorithm used for PGP/GPG private key

2022-02-18 Thread vedaal via Gnupg-users
On 2/18/2022 at 3:12 AM, "Daniel Colquitt via Gnupg-users" wrote:Just to follow up that this isn't a gpgwin problem. I have a Debian installation and generated a test key using GnuPG and the same gpg.conf file = Try this: In gpg.conf file add the option of --expert and in personal preferen

RE: Changing the encryption algorithm used for PGP/GPG private key

2022-02-18 Thread Daniel Colquitt via Gnupg-users
Thanks for responding, Ingo. > As far as I can tell `man gpg` does not claim that any of these settings > influence the encryption of secret keys. According to the manual, the --s2k-* flags control

Re: Changing the encryption algorithm used for PGP/GPG private key

2022-02-18 Thread Ingo Klöcker
On Montag, 14. Februar 2022 10:36:25 CET Daniel Colquitt via Gnupg-users wrote: > I've read various tutorials and posts regarding changing the algorithm used to encrypt my private PGP keys. However, nothing I have tried seems to work. I am using gpg4win: [...] > My gpg.conf file located at > C:\

RE: Changing the encryption algorithm used for PGP/GPG private key

2022-02-18 Thread Daniel Colquitt via Gnupg-users
Just to follow up that this isn't a gpgwin problem. I have a Debian installation and generated a test key using GnuPG and the same gpg.conf file. Here is the output > gpg --list-packets test.key > # off=0 ctb=95 tag=5 hlen=3 plen=1862 > :secret key packet: >version 4, algo 1, created 164

Changing the encryption algorithm used for PGP/GPG private key

2022-02-14 Thread Daniel Colquitt via Gnupg-users
I've read various tutorials and posts regarding changing the algorithm used to encrypt my private PGP keys. However, nothing I have tried seems to work. I am using gpg4win: > gpg (GnuPG) 2.3.4 > libgcrypt 1.9.4 > Copyright (C) 2021 g10 Code GmbH > License GNU GPL-3.0-or-later

Re: Encryption Algorithm for GnuPG?

2019-05-31 Thread Robert J. Hansen
Please don't send HTML email to this list. On 5/31/19 6:27 PM, Tony Lane wrote: > I would say chacha2020 is also a strong cipher up there with AES. As soon as you get ChaCha20 added to the OpenPGP spec, I'll start participating in discussions on this mailing list about its merits. :) > It also

Re: Encryption Algorithm for GnuPG?

2019-05-31 Thread Tony Lane
I would say chacha2020 is also a strong cipher up there with AES. The fact that AES uses lookup table with an index derived from the secret makes general implementations vulnerable to cache-timing attacks. ChaCha20 is not vulnerable to such attacks. (AES implemented through AES-NI is also not vu

Re: Encryption Algorithm for GnuPG?

2019-05-31 Thread Robert J. Hansen
> What is the encryption engine for the current GnuPG. By default, AES. Other algorithms are possible but not recommended. The only other algorithms I'd recommend are Twofish and Camellia. > I know IDEA is proprietary so that can’t be used It can be used. You'd be insane to actually use it, bu

Re: Encryption Algorithm for GnuPG?

2019-05-27 Thread gnupg
Procopius via Gnupg-users wrote: > What is the encryption engine for the current GnuPG. I read that it > isNIST AES. I know IDEA is proprietary so that can’t be used, is this > correct? > > If it’s NIST AES that is under the US Government? Wouldn’t that be in > danger of a US back door in the alg

Re: Encryption Algorithm for GnuPG?

2019-05-27 Thread Michał Górny
On Sun, 2019-05-26 at 23:30 -0700, Procopius via Gnupg-users wrote: > If it’s NIST AES that is under the US Government? Wouldn’t that be in danger > of a US back door in the algorithm? > Why would them bother trying to split a backdoor in the algorithm unnoticed if it's much simpler to install i

Re: Encryption Algorithm for GnuPG?

2019-05-27 Thread Damien Goutte-Gattat via Gnupg-users
On Sun, May 26, 2019 at 11:30:18PM -0700, Procopius via Gnupg-users wrote: What is the encryption engine for the current GnuPG. There’s no single symmetric encryption algorithm. OpenPGP allows a set of algorithms: 3DES, IDEA, CAST5, AES, Blowfish, Twofish, and Camellia [1,2]. GnuPG supports

Encryption Algorithm for GnuPG?

2019-05-27 Thread Procopius via Gnupg-users
What is the encryption engine for the current GnuPG. I read that it isNIST AES. I know IDEA is proprietary so that can’t be used, is this correct? If it’s NIST AES that is under the US Government? Wouldn’t that be in danger of a US back door in the algorithm? Elwin Sent using Hushmail_

Re: encryption algorithm

2013-12-18 Thread David Shaw
On Dec 18, 2013, at 5:41 AM, Werner Koch wrote: > On Wed, 18 Dec 2013 02:27, r...@sixdemonbag.org said: > >> because you just shifted to arguing that "since GnuPG defaults to >> AES-256, we need to use RSA-15000 by default otherwise the asymmetric > > FWIW: > >The rationale why we use the

Re: encryption algorithm

2013-12-18 Thread Robert J. Hansen
On 12/18/2013 2:18 AM, Daniel Kahn Gillmor wrote: > Sorry, but NIST does face a crisis of trust, particularly in the area of > cryptography, whether either of us wants that to happen or not. Perhaps: but *not over the PRNG they published*. Please stay on point. You are demonstrating a tendency h

Re: encryption algorithm

2013-12-18 Thread Matt D
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/18/2013 12:05 AM, Robert J. Hansen wrote: >> So in other words the message can not be read by some govt genius >> with a rack of computers?? > > How would I know? Ask a government genius with a rack of > computers. > > I don't know the extent

Re: encryption algorithm

2013-12-18 Thread Werner Koch
On Wed, 18 Dec 2013 02:27, r...@sixdemonbag.org said: > because you just shifted to arguing that "since GnuPG defaults to > AES-256, we need to use RSA-15000 by default otherwise the asymmetric FWIW: The rationale why we use the order AES256,192,128 is for compatibility reasons with PGP.

Re: encryption algorithm

2013-12-17 Thread Daniel Kahn Gillmor
On 12/18/2013 12:29 AM, Robert J. Hansen wrote: > A flawed standard is just that, a flawed standard. It's not a cause for > a crisis of trust in an outfit that has enjoyed the community's trust > for many decades. Sorry, but NIST does face a crisis of trust, particularly in the area of cryptograp

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
> It's bad simply because it's far slower than other comparable RNGs > that were standardized at the same time. I did *not* claim it was > deliberately backdoored, and i certainly didn't claim it was > backdoored by NIST. Then why did you use it as a "I'm glad you can still trust them even aft

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
> So in other words the message can not be read by some govt genius with > a rack of computers?? How would I know? Ask a government genius with a rack of computers. I don't know the extent of the government's capabilities, nor do I want to. That's the kind of knowledge that normally comes with

Re: encryption algorithm

2013-12-17 Thread Daniel Kahn Gillmor
On 12/17/2013 10:28 PM, Robert J. Hansen wrote: > On 12/17/2013 9:20 PM, Daniel Kahn Gillmor wrote: >> (i'm glad you still feel they're trustworthy, even in the context of >> them having issued a deliberately bad RNG, and their keylength >> recommendations being weaker than everyone else's!) > > T

Re: encryption algorithm

2013-12-17 Thread Matt D
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/17/2013 11:02 PM, Robert J. Hansen wrote: > On 12/17/2013 10:57 PM, Matt D wrote: >> Lets assume I run Ubuntu live from USB stick or cd when I need >> secure messaging so an attacker cannot predict what machine i >> will send my message from and

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
On 12/17/2013 10:57 PM, Matt D wrote: > Lets assume I run Ubuntu live from USB stick or cd when I need secure > messaging so an attacker cannot predict what machine i will send my > message from and there will be nothing left on the machine. The > encrypted message is captured but the adversary do

Re: encryption algorithm

2013-12-17 Thread Matt D
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/17/2013 10:33 PM, Robert J. Hansen wrote: > On 12/17/2013 9:41 PM, Matt D wrote: >> OK, I see. So . . . if brute force is impossible, then what sort >> of an attack is possible? > > Too many to list. Depends largely on your attacker's budget a

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
On 12/17/2013 9:41 PM, Matt D wrote: > OK, I see. So . . . if brute force is impossible, then what sort of > an attack is possible? Too many to list. Depends largely on your attacker's budget and the constraints of their operation. For instance, if I don't care if you know I've compromised your

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
On 12/17/2013 9:20 PM, Daniel Kahn Gillmor wrote: > sigh. "weakest link" analysis is clearly useful, and just as > clearly not the only analytic tool to use. I don't understand your position. First you're saying, "we currently have 112 bits of keyspace, we need at least 128," and then you're say

Re: encryption algorithm

2013-12-17 Thread Matt D
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/17/2013 08:07 PM, Robert J. Hansen wrote: >> what about the 2048-bit DSA part of it? > > Search the list archives, please -- this question has been asked > and answered a great number of times. > OK, I see. So . . . if brute force is impossibl

Re: encryption algorithm

2013-12-17 Thread Daniel Kahn Gillmor
On 12/17/2013 08:27 PM, Robert J. Hansen wrote: > Yes -- but no one is claiming that 112-bit keyspaces are vulnerable > today, or at any time within the near future. Further, moving to a > 128-bit keyspace is not, IMO, any sort of a real win: you're only > gaining 16 bits of keyspace. At most you

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
> I never attributed RSA-1024 to you: i'm merely pointing out that good > enough for "virtually all users" and "virtually all purposes" is the > wrong way to select choices that we want to cover the most vulnerable > targets. Sorry for the double response -- I thought I'd included this in my previ

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
> I never attributed RSA-1024 to you: i'm merely pointing out that > good enough for "virtually all users" and "virtually all purposes" is > the wrong way to select choices that we want to cover the most > vulnerable targets. Perhaps: but that's not what I was responding to. The original poster w

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
> what about the 2048-bit DSA part of it? Search the list archives, please -- this question has been asked and answered a great number of times. signature.asc Description: OpenPGP digital signature ___ Gnupg-users mailing list Gnupg-users@gnupg.org h

Re: encryption algorithm

2013-12-17 Thread Matt D
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/17/2013 04:54 PM, Robert J. Hansen wrote: >> Lets assume the people I email have the same preferences. So >> how long, and at what cost would it take to brute force crack a >> captured message? > > [sigh] > > Not this again. I get very tired

Re: encryption algorithm

2013-12-17 Thread Daniel Kahn Gillmor
On 12/17/2013 05:04 PM, Robert J. Hansen wrote: > I don't understand the reasoning by which you have concluded that I am > advocating RSA-1024. I'm not. I think the default of RSA-2048 is a > good one. I'm only saying that for most users and most purposes, > RSA-1024 is sufficient; to reach "vir

Re: encryption algorithm

2013-12-17 Thread Chris De Young
On 12/17/2013 2:54 PM, Robert J. Hansen wrote: > > The amount of energy we're talking about here is so large there is a > non-zero chance it would disturb the false vacuum of spacetime and > annihilate the cosmos. Well, probably not - because in order to apply this energy to your brute-force calcu

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
Well, probably not - because in order to apply this energy to your brute-force calculation process you presumably have some way of capturing it, thereby making it unavailable for use in the destruction of the cosmos. :-) Nope! That thermodynamic analysis is how much heat you have to dump in

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
Quoting Hauke Laging : element) to get "security". One more wild guess: 99.9% of the systems on which GnuPG is *actively* used do not even provide the "equivalent" of a 73-bits key. This is almost certainly true. A couple of years ago Vint Cerf estimated that somewhere between a sixth an

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
so strong algorithms by default is a good idea. Yes, which is why RSA-2048 is recommended. I don't understand the reasoning by which you have concluded that I am advocating RSA-1024. I'm not. I think the default of RSA-2048 is a good one. I'm only saying that for most users and most purp

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
Lets assume the people I email have the same preferences. So how long, and at what cost would it take to brute force crack a captured message? [sigh] Not this again. I get very tired of answering this question. The Second Law of Thermodynamics puts a minimum energy requirement on how much

Re: encryption algorithm

2013-12-17 Thread David Shaw
On Dec 17, 2013, at 12:41 PM, Matt D wrote: > How can I find whats on my list? gpg --edit-key (thekey) showpref You can see your own, or anyone else's preference list that way. Note that each user ID (or photo ID) has its own preference list. David _

Re: encryption algorithm

2013-12-17 Thread Matt D
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/17/2013 01:37 PM, David Shaw wrote: > On Dec 17, 2013, at 12:41 PM, Matt D wrote: > >> How can I find whats on my list? > > gpg --edit-key (thekey) showpref > > You can see your own, or anyone else's preference list that way. > Note that each

Re: encryption algorithm

2013-12-17 Thread David Shaw
On Dec 17, 2013, at 1:53 PM, Matt D wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 12/17/2013 01:37 PM, David Shaw wrote: >> On Dec 17, 2013, at 12:41 PM, Matt D wrote: >> >>> How can I find whats on my list? >> >> gpg --edit-key (thekey) showpref >> >> You can see your own,

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
(Definitely Godzilla) But why do people tell me that DH, DSA, and RSA under 2048 are unacceptable? I have to let my cynicism shine through, unfortunately. For the vast majority of the population, cryptographic technologies are a giant black box. The popular view is that it's something only

Re: encryption algorithm

2013-12-17 Thread Hauke Laging
Am Di 17.12.2013, 15:57:54 schrieb Daniel Kahn Gillmor: > RSA 1024 falls > in at the equivalent of about 73 bits of symmetric cipher. According to > the authors, this is "Short-term protection against medium > organizations, medium-term protection against small organizations", not > "a First Wor

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
Thanks a bunch that was easy. So mine is 2048 with AES-256. So whats all the complaining about the defaults? Well, yes and no. When you encrypt an email for someone else, two *different* preference lists are consulted. The first is found in gpg.conf (or, if it's not there, it uses defaul

Re: encryption algorithm

2013-12-17 Thread Daniel Kahn Gillmor
On 12/17/2013 01:22 PM, Robert J. Hansen wrote: > With respect to 2048-bit crypto, don't believe the hype. Most users and > most purposes will still be well-served with even a 1024-bit key. No > one with half a brain is going to bother trying to break RSA-1024; they > will instead come up with mo

Re: encryption algorithm

2013-12-17 Thread Matt D
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/17/2013 02:28 PM, Robert J. Hansen wrote: >> Thanks a bunch that was easy. So mine is 2048 with AES-256. Lets assume the people I email have the same preferences. So how long, and at what cost would it take to brute force crack a captured mess

Re: encryption algorithm

2013-12-17 Thread Avi
On Tue, Dec 17, 2013 at 12:41 PM, Matt D wrote: > > > > How can I find whats on my list? > -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 You can see what is in your list with the 'showpref' command whilst in the key editing menu. Avi -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.15 (Ming

Re: encryption algorithm

2013-12-17 Thread Matt D
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/17/2013 12:02 PM, Robert J. Hansen wrote: >> Why would anyone choose AES-128 instead of something more secure, >> say AES-256? > > "More secure" is sort of ... missing the point. It's sort of like > arguing over whether King Kong or Godzilla i

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
Hi! What encryption algorithm do we use in OpenPGP It depends a lot on how you have GnuPG configured and how your recipient's certificate is configured. For asymmetric encryption, either RSA or Elgamal will be used. For symmetric encryption, one of Twofish, AES256, AES192, A

Re: encryption algorithm

2013-12-17 Thread Robert J. Hansen
Why would anyone choose AES-128 instead of something more secure, say AES-256? "More secure" is sort of ... missing the point. It's sort of like arguing over whether King Kong or Godzilla is better at urban destruction. We choose between ciphers principally based on features other than

Re: encryption algorithm

2013-12-17 Thread David Shaw
On Dec 17, 2013, at 11:31 AM, Matt D wrote: > On 12/17/2013 11:09 AM, Daniel Kahn Gillmor wrote: >> Hi Matt-- >> >> On 12/17/2013 10:07 AM, Matt D wrote: >>> Hi! What encryption algorithm do we use in OpenPGP >> >> OpenPGP has "algori

Re: encryption algorithm

2013-12-17 Thread Matt D
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/17/2013 11:09 AM, Daniel Kahn Gillmor wrote: > Hi Matt-- > > On 12/17/2013 10:07 AM, Matt D wrote: >> Hi! What encryption algorithm do we use in OpenPGP > > OpenPGP has "algorithm agility", meaning that it

Re: encryption algorithm

2013-12-17 Thread Daniel Kahn Gillmor
Hi Matt-- On 12/17/2013 10:07 AM, Matt D wrote: > Hi! What encryption algorithm do we use in OpenPGP OpenPGP has "algorithm agility", meaning that it's possible to use different encryption algorithms at different times in the same cryptographic framework. encrypted Op

Re: encryption algorithm

2013-12-17 Thread Werner Koch
On Tue, 17 Dec 2013 16:07, md...@nycap.rr.com said: > Hi! What encryption algorithm do we use in OpenPGP The defaults for the public key algorithm is RSA with a 2048 bits. For the symmentric session key the default algorithms are AES256, AES192, AES256, CAST5-128, 3DES where gpg pi

encryption algorithm

2013-12-17 Thread Matt D
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi! What encryption algorithm do we use in OpenPGP -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.21 (GNU/Linux) Comment: MacGPG2 - http://www.gpgtools.org/macgpg2.html Comment: Using GnuPG with Thunderbird - http://www.enigmail.net

Re: Setting encryption algorithm for specific key

2013-11-25 Thread MFPA
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi On Sunday 24 November 2013 at 9:06:14 PM, in , Bill Albert wrote: > Objection: your preference of an esoteric mail reader > is not relevant to the rest of us. "Mail readers that thread properly" hardly equates to "an esoteric mail reader." A

Re: Setting encryption algorithm for specific key

2013-11-25 Thread Robert Holtzman
On Sun, Nov 24, 2013 at 04:06:14PM -0500, Bill Albert wrote: > On 11/21/2013 01:01 AM, Doug Barton wrote: > > Please don't reply to a message off the list and change the subject > > line because it causes your new topic to show under the previous one > > for those using mail readers that thread pro

Re: Setting encryption algorithm for specific key

2013-11-25 Thread Doug Barton
On 11/24/2013 01:06 PM, Bill Albert wrote: On 11/21/2013 01:01 AM, Doug Barton wrote: Please don't reply to a message off the list and change the subject line because it causes your new topic to show under the previous one for those using mail readers that thread properly, and may cause your mes

Changing the subject WAS Re: Setting encryption algorithm for specific key

2013-11-25 Thread Kenneth Jones
Sorry Bill, Esoteric mail reader or not, changing the subject while maintaining the subject line is bad form, and has been forever. Maybe you're new. ;-) Cheers, Ken On 2013-11-25 05:06, Bill Albert wrote: > > Objection: your preference of an esoteric mail reader is not relevant > to the rest o

Re: Setting encryption algorithm for specific key

2013-11-25 Thread Bill Albert
On 11/21/2013 01:01 AM, Doug Barton wrote: > Please don't reply to a message off the list and change the subject > line because it causes your new topic to show under the previous one > for those using mail readers that thread properly, and may cause your > message to be missed altogether if someon

Re: Setting encryption algorithm for specific key

2013-11-22 Thread Paul R. Ramer
Johan Wevers >I communicate with someone whose key tells me it supports IDEA, and >since that's my prefered algorithm my gpg uses it to encrypt the >message. However, het setup does not in fact support it (any more, it >used to do in the past). Re-signing the key is no option, this is as >computer

Re: Setting encryption algorithm for specific key

2013-11-20 Thread Doug Barton
Please don't reply to a message off the list and change the subject line because it causes your new topic to show under the previous one for those using mail readers that thread properly, and may cause your message to be missed altogether if someone has blocked that thread. Instead, save the l

Re: Setting encryption algorithm for specific key

2013-11-20 Thread David Shaw
On Nov 20, 2013, at 5:33 PM, Johan Wevers wrote: > Hello, > > I communicate with someone whose key tells me it supports IDEA, and > since that's my prefered algorithm my gpg uses it to encrypt the > message. However, het setup does not in fact support it (any more, it > used to do in the past).

Setting encryption algorithm for specific key

2013-11-20 Thread Johan Wevers
Hello, I communicate with someone whose key tells me it supports IDEA, and since that's my prefered algorithm my gpg uses it to encrypt the message. However, het setup does not in fact support it (any more, it used to do in the past). Re-signing the key is no option, this is as computer-literate a

Re: Default GPG Encryption Algorithm (symmetric cipher) is?

2011-01-02 Thread Tiago Faria
On Sun, 02 Jan 2011 07:15:25 -0500 Mike Acker wrote: > is: how does S9 equate to AES256 ? there has to be a way to find the > equivalence between the verbose codes and the short hand Hi Mike, $ gpg --verbose --version will tell you (after the cipher/algorithm and between ()) what is the short

Re: Default GPG Encryption Algorithm (symmetric cipher) is?

2011-01-02 Thread Tiago Faria
On Sun, 02 Jan 2011 05:35:23 -0500 "Robert J. Hansen" wrote: > It will respect default-cipher-preference. Certificate prefs are not > used during symmetric encryption, since certs themselves are not used > at all. Indeed Robert. Thanks for pointing that out. I only noticed that certs were not

Default GPG Encryption Algorithm (symmetric cipher) is?

2011-01-02 Thread Mike Acker
Many Thanks to Tiago Faria Date:Sun, 2 Jan 2011 05:57:00 + for excellent notes on editing GPG Keys. I had found neither GPA nor Kleo to have all of the edit capability that should be available for a key and in particular on the User ID and preferences for symetric ciphers the key to this is

Re: Default GPG Encryption Algorithm (symmetric cipher) is?

2011-01-02 Thread frankexchange
@gnupg.org Date: Sun, 02 Jan 2011 05:35:23 -0500 Subject: Re: Default GPG Encryption Algorithm (symmetric cipher) is? On 1/2/2011 12:57 AM, Tiago Faria wrote: > If it uses GnuPG, then it will respect the rules set by your keyring > preferences. You can check the preferences with the command

Re: Default GPG Encryption Algorithm (symmetric cipher) is?

2011-01-02 Thread Robert J. Hansen
On 1/2/2011 12:57 AM, Tiago Faria wrote: > If it uses GnuPG, then it will respect the rules set by your keyring > preferences. You can check the preferences with the command: It will respect default-cipher-preference. Certificate prefs are not used during symmetric encryption, since certs themsel

Re: Default GPG Encryption Algorithm (symmetric cipher) is?

2011-01-02 Thread Larry Brower
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 01/02/2011 12:14 AM, frankexcha...@nospammail.net wrote: > As mentioned I am a Linux newbie (command line adverse) and like many > users of Ubuntu they would not know how access details of what the > default symmetric cipher is. > > Use of the te

Re: Default GPG Encryption Algorithm (symmetric cipher) is?

2011-01-02 Thread Robert J. Hansen
On 1/2/2011 1:14 AM, frankexcha...@nospammail.net wrote: > Use of the term "default" was provided to mean the one GPG uses without > any user intervention IE: Default And the answer here is exactly what I said: whatever you tell it to be. Computers are complex beasts. Two installations of the sa

Re: Default GPG Encryption Algorithm (symmetric cipher) is?

2011-01-01 Thread Tiago Faria
> default-cipher-preferences [algo name] > ... to your ~/.gnupg/gpg.conf file. My bad for sending the last e-mail. While those settings apply to hybrid systems, I don't know if this application generates a keyring, and therefor, those instructions are not very helpful. Sorry. T -- Tiago Fari

Re: Default GPG Encryption Algorithm (symmetric cipher) is?

2011-01-01 Thread Tiago Faria
On Sun, 02 Jan 2011 04:24:27 + frankexcha...@nospammail.net wrote: > Deja Dup on Ubuntu 10.04 LTS: Default GPG Encryption Algorithm > (symmetric cipher) is? If it uses GnuPG, then it will respect the rules set by your keyring preferences. You can check the preferences with the command

Re: Default GPG Encryption Algorithm (symmetric cipher) is?

2011-01-01 Thread frankexchange
f sounding silly, what is the Default symmetric cipher used in GPG under Unbuntu 10.04 LTS? Thanks Frank - Original message - From: "Robert J. Hansen" To: gnupg-users@gnupg.org Date: Sun, 02 Jan 2011 00:46:45 -0500 Subject: Re: Default GPG Encryption Algorithm (symmetric cipher)

Re: Default GPG Encryption Algorithm (symmetric cipher) is?

2011-01-01 Thread Robert J. Hansen
On 1/1/2011 11:24 PM, frankexcha...@nospammail.net wrote: > Does anyone know exactly which default symmetric Cipher (Encryption > Algorithm) is used by GPG? Apparently it is CAST-128, but I cannot find > any citation online that confirms this is the case for the version of > GPG int

Default GPG Encryption Algorithm (symmetric cipher) is?

2011-01-01 Thread frankexchange
Deja Dup on Ubuntu 10.04 LTS: Default GPG Encryption Algorithm (symmetric cipher) is? I am using Deja Dup <https://launchpad.net/deja-dup> to create encrypted backups before uploading online. It uses GPG's default Symmetric Cipher (Encryption Algorithm) to encrypt data. Does anyone k