Comparison of GnuPG & NAI/PGP features.

Werner Koch wk@gnupg.org
Fri, 7 Jan 2000 12:38:15 +0100


On Fri, 7 Jan 2000, Simpson, Sam wrote:


> I note that the GnuPG web page says: "Better functionality than
> PGP and some security enhancements.". Apart from more algorithms
> & better ability to select algorithms, what does this mean????
* You have the real source code and everone is able to build the executable from this source. I am not sure whether you can do this with the PGP books and noone can be sure that these books reflect the actual PGP executables delivered by NAI. * Stores secret keys in a memory area which will not be swapped out to the disk. * All operations involving confidential material (session keys, some hashs, secret keys, intermediate results) are althoug done in this memory area. * It can use ElGamal for signing by creating all ElGamal keys in a secure way. Uses this algorith even for DSA keys, just in case. I think PGP now uses the same Lim-Lee algorithm now and I am not sure whether this is at all an advantage. * It never uses any temporary files. * Has quite a lot of features you expect from a Unix tool.
> I have constructed a (very) small table to compare the algorithms
> available, it's at: http://www.scramdisk.clara.net/compare.html
Please get this Skipjack out of the list. It whish I never wrote this module - it used to be just an experiment. As I only have this 6.5.1 pgp here and it even refuses to create keys with a message saying it can't open the keyrings (although strace show that it indeed opens them), I don't know what this SHA-1x is. -- Werner Koch at guug.de www.gnupg.org keyid 621CC013 Boycott Amazon! - http://www.gnu.org/philosophy/amazon.html