Symmetric encryption

Per Tunedal Casual pt at radvis.nu
Wed Oct 27 13:53:43 CEST 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 23:50 2004-10-26, you wrote:
 >On Tue, Oct 26, 2004 at 01:24:26PM +0200, Per Tunedal Casual wrote:
 >> In that case it's important to know how the session key for
 >> symmetric
 >> encryption is derived from the passphrase. If hashing with SHA-1 i
 >> used
 >> that will set the limit to 160 bits.
 >No. See RFC2440 section 3.6 for description
 >>
 >> In that case AES192 would be appropriate - only 32 bits wasted :-).
 >> AES256
 >> or TWOFISH would be ridiculous, wouldn't it?
 >>
 >> Per Tunedal
 >
 >--
 >   Pawel Shajdo
 >
I read http://sunsite.icm.edu.pl/gnupg/rfc2440-3.html today.

As far as I can understand the key used for symmetric encryption is
derived from the
user supplied passphrase by hashing it (+ salting and maybe iterating
it). Thus the hash sets the limit. I suppose SHA-1 is used. Then we
will have 160 true bits. A key-length of e.g. 256 bits would be
overkill.

Per Tunedal

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Vad är en PGP-signatur? www.clipanish.com/PGP/pgp.html

iD8DBQFBf4wuaDDfzFT+2PIRAoK0AKCQLzMzfvumFr2gIoz9Dp++UD4SJQCdFVP1
3U9N4crA96vw7f06nTPLOhk=
=M1rX
-----END PGP SIGNATURE-----





More information about the Gnupg-users mailing list