How secure is GnuPG

Johan Wevers
Tue Jul 23 20:55:02 2002

Daniel Carrera wrote:

> 1)  GnuPG cannot use the IDEA algorithm.

This is incorrect. There is an IDEA plugin.

> Does that incur any drop in security?

Not really, the other algorithms are also not broken. If they were, they
should be removed. The 3DES algorithm has had the most peer review of all
available ones, although this might change in favor of Rijndael (AES).

> I assume tha the original PGP authors used IDEA because they felt that it
> was the best.

This was only one person, Philip Zimmermann.

> Is GnuPG less secure?

No, it even has some security enhancements over the 2.x versions. However,
in favor of pgp 2.x speaks that the code has had exceptionally much peer
revieuw, certainly much more than the GnuPG code.

The reason for not using IDEA in the default build has only to do with
patent issues. If you don't care about them or they don't apply to you,
use the plugin.

> Is ElGamal more secure than RSA right now?

Not necessarily. When implemented correctly, both are assumed to be
more or less equally secure. However, for ElGamal it's easier to mess
up the implementation since it depends critically on the random number
generator. This is what happened with pgp 5.0i for Unix.

> Am I safe with my 1024 bit ElGamal key?

Probably yes.

ir. J.C.A. Wevers         //  Physics and science fiction site:   //
PGP/GPG public keys at