any way to use gpg(openpgp) with Argon2

Werner Koch wk at
Wed Jun 20 19:23:47 CEST 2018

On Tue, 19 Jun 2018 14:20, calestyo at said:

> Or is there any integration of argon2 planned into the standard (and
> this going to happen in a forseeable time)?

I doubt that it will make it into rfc4880bis.  I also see no reason for
it.  Passphrases must die.

I fact OpenPGP is mostly about public key encryption and thus we don't
use passphrases for its main tasks.  Passphrases can be used to protect
a private key but that is questionable because if you box is already
compromised the passphrase does not help much.  The other use of
passphrases is symmetric-only encryption (command -c) but in most use cases
the passphrase comes from another application or a database and is not
entered manually.  In this case I consider it better to use --s2k-mode=0
along with a full entropy passphrase instead of relying on passphrase
mangling algorithms - they are designed for manual interaction and not
for large scale use with thousands of messages.

For disk encryption it is better to use a token than a secure passphrase
most humans can't remember.



#  Please read:  Daniel Ellsberg - The Doomsday Machine  #
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <>

More information about the Gnupg-devel mailing list