Rijndael
Werner Koch
wk@gnupg.org
Mon, 8 Jan 2001 09:39:38 +0100
On Sun, 7 Jan 2001, Peter Schuller wrote:
> I'm just wondering; in what manner is Rijndael supported? I see no mention
Rijndael (aka AES) is fully supported. Because it is a symmetric
cipher you won't see it in the key generation menu. However,
Rijndael is listed with top priority in the preferences for
symmetric algorithms.
> I may be confused about this, but the way I understand it one algorithm is
> used to encrypt/decrypt actual content, and one algorithm is used to encrypt
> the private key with a passphase.
The default algorithm used to protect the passphrase is CAST5.
The default algorithm used for symmetric only encryption (gpg -c) is
also CAST5 - you change this with the option --cipher-algo RIJNDAEL.
If you use --s2k-cipher-algo RIJNDAEL both, passphrase protection
and symmetric only encryption, uses RIJNDAEL.
Unless you use --cipher-algo, the symmetric algorithm used for
normal public key encryption is calculated by looking at the
preferences of all recipients keys.
> Also, does Rijndael support arbitrary key sizes? I've seen horrifying
> statements that it supports "256 bit keys" (and similar) which would
> indicate that it does *not*.
AES is defined to allow 3 key seizes: 128, 192, 256 bit. I don't
suggest to use 192 or 256 because this is just overkill for almost
all applications of GnuPG.
Werner
--
Werner Koch <wk@gnupg.org>
GNU Privacy Guard (http://www.gnupg.org)
Free Software Foundation Europe (http://www.fsfeurope.org)
[Please see X-* mail header for OpenPGP key info]
--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org