Comparison of GnuPG & NAI/PGP features.

[Werner Koch]

On Fri, 7 Jan 2000, Simpson, Sam wrote:

> I note that the GnuPG web page says: "Better functionality than
> PGP and some security enhancements.".  Apart from more algorithms
> & better ability to select algorithms, what does this mean????

* You have the real source code and everone is able to build the
  executable from this source.  I am not sure whether you can do 
  this with the PGP books and noone can be sure that these books
  reflect the actual PGP executables delivered by NAI.
* Stores secret keys in a memory area which will not be swapped
  out to the disk. 
* All operations involving confidential material (session keys, some
  hashs, secret keys, intermediate results) are althoug done in this
  memory area.
* It can use ElGamal for signing by creating all ElGamal keys in a
  secure way.  Uses this algorith even for DSA keys, just in case.
  I think PGP now uses the same Lim-Lee algorithm now and I am not
  sure whether this is at all an advantage.
* It never uses any temporary files.
* Has quite a lot of features you expect from a Unix tool.

> I have constructed a (very) small table to compare the algorithms
> available, it's at: http://www.scramdisk.clara.net/compare.html 

Please get this Skipjack out of the list.  It whish I never wrote this
module - it used to be just an experiment.

As I only have this 6.5.1 pgp here and it even refuses to create keys
with a message saying it can't open the keyrings  (although strace show
that it indeed opens them), I don't know what this SHA-1x is.

-- 
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013
  
     Boycott Amazon!  -  http://www.gnu.org/philosophy/amazon.html