Use of AES-256 with GPG?

Nick Andriash Nick Andriash <>
Sat Mar 3 19:16:04 2001

Hash: SHA1

I'm using GnuPGShell as a front-end for GPG 1.0.4-1 on a Win 98 Box. I
have set my "GPG Preferences" in GnuPGShell to use AES-256 as my default
symmetric algorithm, but every time I try generating new Key Pairs, they
are all reported as using the AES-128 Cipher. Even if I choose
Triple-DES, the AES-128 cipher is the one reported as being used.

Now someone on my PGP-Basics List has tried to explain to me why that
is, and I include an excerpt from that explanation below:

> AFAIK, symmetric cipher algorithm preferences aren't editable in GPG
> without editing the source. The default preference list is:

> buf[2] = CIPHER_ALGO_CAST5;

> Here, RIJNDAEL means 128 bits Rijndael, and the OpenPGP RFC says the
> fallback to 3DES is implicit.
> That's why the keys you generate use AES-128, it's on top of your
> preference list :-)

> The kewl thing is you can edit your key's preference list. "Just"
> change the preference list in the source, recompile, and change the
> expiration date (or put one) of your key, save, and put the expiration
> date back to where it was (or remove it).
So if I understand it correctly, does the "Options" file located in my GPG Directory have no effect on GPG in reference to the default Symmetric Cipher used? Is the only way to change the default to recompile the source? If so, what is the purpose of the options file? Nick -=N.J. Andriash | Vancouver, B.C. Canada=- [ TB! v1.51b1 | Win 98 SE 4.10 2222 A ] [ PGP 7.0.3 | Key ID: 0xC50284747BA3FDCE ] ____________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4-1 (MingW32) - GnuPGshell v1.52 Comment: Join PGP-Basics: iD8DBQE6oTOuxQKEdHuj/c4RAkdRAKCKOtkdDXv5x2rhH4SC+w6BRZ9nMQCfRZpG x6ui60deYPO/0w71lnUnbz4= =IMMk -----END PGP SIGNATURE-----