IDEA algorithm

David Shaw
Tue Jul 8 18:11:02 2003

Hash: SHA1

On Tue, Jul 08, 2003 at 04:27:00PM +0200, Johan Wevers wrote:
> David Shaw wrote:
> >Well, sure... if you set IDEA as your first preference, it'll
> >certainly be used.
> But I've set all algorithms gpg uses in my key prefs. I have switched
> encrypt to self on (but I assume toy already understood that). When I
> check the key I'm encrypting to, I get:
>      Cipher: CAST5, 3DES, IDEA
>      Digest: SHA1
>      Compression: ZIP, Uncompressed
> while my own key has
>      Cipher: IDEA, TWOFISH, BLOWFISH, CAST5, 3DES, AES, AES192, AES256
>      Digest: SHA1, RIPEMD160, MD5, TIGER192
>      Compression: ZIP, ZLIB, Uncompressed
>      Features: MDC
> I would assume this would result in a message encrypted with CAST5, hash
> SHA1 and ZIP compression. Apparently GnuPG uses my preferences first,
> something I hadn't expect.

Yes.  The preference algorithm works like this:

1) Make a list of all preference items that exist for all recipients.

   In your case above that means (these are not in any particular order):
      Cipher: IDEA, 3DES, CAST5
      Digest: SHA1
      Compression: Uncompressed, ZIP
      Features: (none)

2) Pick an item in the intersection (if any), by using one of the
   recipients as the tie breaker.  If the tie breaker was your key,
   then you'd pick IDEA (since it is your first choice).  If your tie
   breaker was the other key, you'd pick CAST5 (since it is their
   first choice).

   The tie breaker is currently the first key encrypted to, which any
   --encrypt-to keys are.  If the first key encrypted to doesn't have
   any prefs, the lowest algorithm number is used (in the case above,
   that would be IDEA/SHA1/Uncompressed).

Version: GnuPG v1.2.3rc1 (GNU/Linux)
Comment: Key available at