Symmetric encryption
Per Tunedal Casual
pt at radvis.nu
Wed Oct 27 13:53:43 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
At 23:50 2004-10-26, you wrote:
>On Tue, Oct 26, 2004 at 01:24:26PM +0200, Per Tunedal Casual wrote:
>> In that case it's important to know how the session key for
>> symmetric
>> encryption is derived from the passphrase. If hashing with SHA-1 i
>> used
>> that will set the limit to 160 bits.
>No. See RFC2440 section 3.6 for description
>>
>> In that case AES192 would be appropriate - only 32 bits wasted :-).
>> AES256
>> or TWOFISH would be ridiculous, wouldn't it?
>>
>> Per Tunedal
>
>--
> Pawel Shajdo
>
I read http://sunsite.icm.edu.pl/gnupg/rfc2440-3.html today.
As far as I can understand the key used for symmetric encryption is
derived from the
user supplied passphrase by hashing it (+ salting and maybe iterating
it). Thus the hash sets the limit. I suppose SHA-1 is used. Then we
will have 160 true bits. A key-length of e.g. 256 bits would be
overkill.
Per Tunedal
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Vad är en PGP-signatur? www.clipanish.com/PGP/pgp.html
iD8DBQFBf4wuaDDfzFT+2PIRAoK0AKCQLzMzfvumFr2gIoz9Dp++UD4SJQCdFVP1
3U9N4crA96vw7f06nTPLOhk=
=M1rX
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list