1.07 RSA support questions (Larry Ellis)

Leigh S. Jones, KR6X kr6x@kr6x.com
Mon Jun 3 19:23:02 2002


I'd suspect that your answer is that IDEA is assumed to
be unavailable by the developers of GPG.  I'd guess
that none of the GnuPG team have any objections to the
security of the algorithm and all of them would favor full
interoperability with PGP.  But the legal issues override
these considerations.  Perhaps for legal reasons the
GnuPG developers must consider the plug-in algorithm
support to be a rogue element.

At the same time I was under the impression that 3DES
has been supported in most PGP implementations that use
RSA legacy keys.  Perhaps this is a non-issue, as 3DES
just might do a very good job for you.  It's certainly strong
enough to stop any corporate or organized crime attacks
for the next decade.  But, I'll admit that years ago when I
was a PGP 2 user I never paid much attention to the
algorithms that it used.  In those days the US federal
banking system was still using crypto devices that used
56-bit single DES and running modem connections through
the public telephone lines.  I was quite perplexed to learn
recently that the US system of ATMs still includes many
using dial telephone modem connections...

----- Original Message -----
From: "Larry Ellis" <Larry_C_Ellis@hotmail.com>
To: <gnupg-users@gnupg.org>
Sent: Monday, June 03, 2002 09:15
Subject: Re: 1.07 RSA support questions (Larry Ellis)


> Well, primarily, I'm just trying to make sure that I have maximum
> interoperability between versions, and that I understand any quirks in
> getting things to work.
>
> It's clear that changes within GPG are not geared towards improving the ease
> of choosing RSA/IDEA.  That's fine; it's not a great choice for new users.
>
> I know how to force the use of IDEA, if I foolishly choose to do so.  My
> only outstanding question was why 3des is being chosen for encryption, by
> default, *in combination with* RSA, even when IDEA is available.  I thought
> GPG automatically chose IDEA in such cases (at least that's the way it
> worked on 1.06).
>
> Perhaps I have misconfigured something somewhere, but I know that I have not
> specified a cipher override, either on the command line, or in the options
> file...
>
> ----- Original Message -----
> From: "Leigh S. Jones, KR6X" <kr6x@kr6x.com>
> To: <gnupg-users@gnupg.org>
> Sent: Monday, June 03, 2002 11:08 AM
> Subject: Re: 1.07 RSA support questions (Larry Ellis)
>
>
> > I think perhaps that some of your primary questions have
> > gone unanswered here.  Surprising, because you've
> > been responded to by some people very important to
> > the gpg development effort.  Perhaps my understanding
> > of your question is wrong.  Was it:
> >
> > 1) How to select IDEA for certain encryption events
> >
> > or
> >
> > 2) How to automatically use IDEA whenever an RSA
> > Legacy public key is used to encrypt
> >
> > or
> >
> > 3) How to always use IDEA
> >
> > ----- Original Message -----
> > From: "Larry Ellis" <Larry_C_Ellis@hotmail.com>
> > To: <gnupg-users@gnupg.org>
> > Sent: Monday, June 03, 2002 08:32
> > Subject: Re: 1.07 RSA support questions
> >
> >
> > >
> > > ----- Original Message -----
> > > From: "David Shaw" <dshaw@jabberwocky.com>
> > > To: <gnupg-users@gnupg.org>
> > > Sent: Monday, June 03, 2002 10:03 AM
> > > Subject: Re: 1.07 RSA support questions
> > >
> > >
> > > David Shaw wrote:
> > > >
> > > > > 1. When encrypting to a legacy RSA key, I get 3DES, not IDEA, as my
> > > > > cipher choice even though the IDEA plugin is installed.  I have no
> > > > > cipher override in the options file, though at one time I *did* have
> > > > > 3DES there...  Of course, if --pgp2 is used, IDEA *is* used as
> > > > > expected.  Perhaps I should place --pgp2 in my options file? Are there
> > > > > any disadvantages to doing so?
> > > >
> > > > Yes, there are.  If "pgp2" is set in the options file, GnuPG disables
> > > > certain options that you might want to use (like sign&encrypt in one
> > > > step!)
> > > >
> > >
> > > Ok, then I'd best not put pgp2 in my options file.  This still leaves open
> > > one question:  why would 3des be chosen as the default cipher for a legacy
> > > RSA key?   1.06 used RSA/IDEA as I recall, as opposed to 1.07's
> > > RSA/3DES (at least this is happening for me).
> > >
> > > Is this a change in behavior, or a possible bug?
> > >
> > >
> > >
> > >
> > > _______________________________________________
> > > Gnupg-users mailing list
> > > Gnupg-users@gnupg.org
> > > http://lists.gnupg.org/mailman/listinfo/gnupg-users
> > >