slow(&huge) password digest algorithm for GPG

Werner Koch wk at
Mon Dec 13 08:40:12 CET 2004

On Sun, 12 Dec 2004 05:00:55 +0100, Bernhard Kuemel said:

> gpg needs a slow algorithm to digest the passphrase before it decrypts
> the secret key. If it takes 1 s then dictionary or brute force attacks

It does as required by OpenPGP.  In fact you may even tune it to your

       --s2k-digest-algo name

                 Use name as the digest algorithm used to mangle the
                 passphrases.  The default algorithm is SHA-1.

       --s2k-mode n

                 Selects how passphrases are mangled. If n is 0 a
                 plain passphrase (which is not recommended) will be
                 used, a 1 adds a salt to the passphrase and a 3 (the
                 default) iterates the whole process a couple of
                 times.  Unless --rfc1991 is used, this mode is also
                 used for conventional encryption.

The iteration count is hardwired but easy to change



More information about the Gnupg-devel mailing list