Strongest Key, Hash, and Cypher Algorithms
atom at smasher.org
Mon Feb 7 07:00:06 CET 2005
-----BEGIN PGP SIGNED MESSAGE-----
On Sat, 5 Feb 2005, Wesley Tabadore wrote:
> I'm new to GPG and encryption in general and trying to figure out the
> strongest way to encrypt files (less than 100 megs in size). Speed is
> not at all a concern, strength of the encryption is the most critical
there are no weak algorithms in pgp/gpg. even the "weakest" algorithms
should be fine against any attack that can currently be mounted against
> I would like to encrypt some files symmetrically and other files
> asymmetrically, so I am trying to understand the strength of both
the strength of symmetric encryption is that you don't need to keep a key
in a file. all you need to do is remember the passphrase and you will
always be able to decrypt your data.
the strengths of asymmetric encryption are unattended encryption (you
don't have to type a passphrase to encrypt) and secure communication
across an insecure channel (such as the internet) between 2 or more
> Based on the research I have done thus far, I undertand that in both
> cases, I need to ensure the passphrases are strong. Having long
> passphrases is not an issue. I am inclined to use the DiceWare method
> to generate the passphrases. Any comments on this method?
diceware is good. more info on other techniques -
> Symmetric encryption: Which current GPG Hash and Cypher Algorithm are
> the strongest and how many bits of entropy (or DiceWare words) would my
> passphrase have to contain in order to gain the most benefit from this
> Hash/Cypher Algorithm combination?
hashing is rarely done with symmetric encryption (except as part of the
s2k process). in a way, knowing the passphrase *is* authentication (and in
another way, it isn't).
(all other factors being equal) the bigger the passphrase, the more
protection. the question you should ask is "what size passphrase is
sufficient for the secrets i want to keep?" check out these sections of
the diceware FAQ -
How long should my passphrase be?
What if I want a passphrase with full 128-bit security?
> Asymmetric encryption: What type of key should I generate and how do I
> choose the strongest Hash and Cypher Algorithm when encrypting files?
> Also how long should my passphrase be (bits of entropy or DiceWare
> words) in order to gain the most benefit in security from this scheme?
the key types and algorithm preferences, if you don't use the defaults,
should be based on your latest research and suspicions of what information
you have. some people don't like 3DES... other people don't like
BLOWFISH/TWOFISH... i don't like AES... at the end of the day, none of the
algorithms are broken, or even close to being broken, but many of us have
our favorites. only your research and/or crystal ball will dictate which
algorithms you decide to trust most, or not at all.
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
"I have presented factual data, statistical data, and
projected data. Form your own conclusions. Perhaps the
NSA has found a polynomial-time (read: fast) factoring
algorithm. But we cannot dismiss an otherwise secure
cryptosystem due to paranoia. Of course, on the same
token, we cannot trust cryptosystems on hearsay or
assumptions of security. Bottom line is this: in the
field of computer security, it pays to be cautious. But
it doesn't pay to be un-informed or needlessly paranoid.
Know the facts."
-- infiNity, The PGP Attack FAQ
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (FreeBSD)
Comment: What is this gibberish?
-----END PGP SIGNATURE-----
More information about the Gnupg-users