How is the encryption hash derived for 256 bit twofish?

Werner Koch wk at
Thu Dec 30 22:43:10 CET 1999

[Please, have a look at the X-Diagnostic line]

And the answer on your question is in of rfc2400

----- Forwarded message from "Speicher, Clay" <CSpeicher at> -----

Date: Wed, 29 Dec 1999 16:33:43 -0500
From: "Speicher, Clay" <CSpeicher at>
To: gnupg-devel at
Subject: How is the encryption hash derived for 256 bit twofish?
X-Diagnostic: HTML mails are spam

This question concerns conventional encryption only.  I assume session keys
for public key encryption are derived from system entropy.

I have been studying the source for a week or two to figure this out without
bothering anyone.  But I give up.

How is the 256 bit hash for twofish created from a passphrase when the
largest hash output in GPG is 192 bits, using "tiger"?  Making things even
more confusing is that tiger is not used by default, dropping the hash size
to 160 bits.

Thanks in advance.

P.S.:  If any of you see this message twice, I apologize.  I didn't see a
copy of it sent to me when I sent it the first time.

----- End forwarded message -----

Werner Koch at            keyid 621CC013
     Boycott Amazon!  -

More information about the Gnupg-devel mailing list