How secure is GnuPG

David Shaw
Tue Jul 23 18:35:02 2002

On Tue, Jul 23, 2002 at 11:38:39AM -0400, Daniel Carrera wrote:
> Hello,
> I am new to GnuPG and I have a few questions.  Though I am a
> mathematecian, I am not a cryptographer.  I only have passing knowledge of
> cryptography.
> 1)  GnuPG cannot use the IDEA algorithm.
> Does that incur any drop in security?
> I assume tha the original PGP authors used IDEA because they felt that it
> was the best.  Is GnuPG less secure?  or does it compensate in some way?

PGP 2 used only IDEA as a symmetric cipher.  More recent OpenPGP
implementations, which includes GnuPG and PGP 6 and 7 from the PGP
folks, may use several different symmetric ciphers, one of which is

GnuPG does not come with IDEA for patent reasons (see, but it can use it if the
patent restrictions do not apply to you.  You can download it from
that web page.

As to the security issue, IDEA is not generally felt to be
particularly more or less secure than the other comparable ciphers.
Read for more in-depth

> 2)  RSA and factoring.
> I have read that the author of qmail (a cryptographer) devised a
> hypothetical machine which could use parallelism to improve factoring
> speed.
> Some have advised to only use 2048 bit RSA keys from now on.

Some folks disagree.  Even Bernstein himself points out that his
proposed method may not be usable in practice.

In any event, it is perfectly reasonable to make 2048 bit (or larger)
RSA keys if you prefer.

> How does this affect a default GnuPG setup?
> When I setup GnuPG (v 1.0.6) the options only included DSA and ElGamal.
> Does this mean that GnuPG does not use RSA by default?

It means you need to upgrade :)  GnuPG 1.0.7 includes RSA key generation.

> Is ElGamal more secure than RSA right now?

> Am I safe with my 1024 bit ElGamal key?

Depends who your attacker is.  Unless you're concerned about a large
government, then probably it is.


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson