Strongest Key, Hash, and Cypher Algorithms

Atom Smasher atom at
Mon Feb 7 07:00:06 CET 2005

Hash: SHA256

On Sat, 5 Feb 2005, Wesley Tabadore wrote:

> I'm new to GPG and encryption in general and trying to figure out the 
> strongest way to encrypt files (less than 100 megs in size).  Speed is 
> not at all a concern, strength of the encryption is the most critical 
> thing.

there are no weak algorithms in pgp/gpg. even the "weakest" algorithms 
should be fine against any attack that can currently be mounted against 

> I would like to encrypt some files symmetrically and other files 
> asymmetrically, so I am trying to understand the strength of both 
> methods.

the strength of symmetric encryption is that you don't need to keep a key 
in a file. all you need to do is remember the passphrase and you will 
always be able to decrypt your data.

the strengths of asymmetric encryption are unattended encryption (you 
don't have to type a passphrase to encrypt) and secure communication 
across an insecure channel (such as the internet) between 2 or more 

> Based on the research I have done thus far, I undertand that in both 
> cases, I need to ensure the passphrases are strong.  Having long 
> passphrases is not an issue.  I am inclined to use the DiceWare method 
> to generate the passphrases.  Any comments on this method?

diceware is good. more info on other techniques -

> Symmetric encryption: Which current GPG Hash and Cypher Algorithm are 
> the strongest and how many bits of entropy (or DiceWare words) would my 
> passphrase have to contain in order to gain the most benefit from this 
> Hash/Cypher Algorithm combination?

hashing is rarely done with symmetric encryption (except as part of the 
s2k process). in a way, knowing the passphrase *is* authentication (and in 
another way, it isn't).

(all other factors being equal) the bigger the passphrase, the more 
protection. the question you should ask is "what size passphrase is 
sufficient for the secrets i want to keep?" check out these sections of 
the diceware FAQ -
 	How long should my passphrase be?

 	What if I want a passphrase with full 128-bit security?

> Asymmetric encryption: What type of key should I generate and how do I 
> choose the strongest Hash and Cypher Algorithm when encrypting files? 
> Also how long should my passphrase be (bits of entropy or DiceWare 
> words) in order to gain the most benefit in security from this scheme?

the key types and algorithm preferences, if you don't use the defaults, 
should be based on your latest research and suspicions of what information 
you have. some people don't like 3DES... other people don't like 
BLOWFISH/TWOFISH... i don't like AES... at the end of the day, none of the 
algorithms are broken, or even close to being broken, but many of us have 
our favorites. only your research and/or crystal ball will dictate which 
algorithms you decide to trust most, or not at all.

- -- 

  PGP key -
  762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808

 	"I have presented factual data, statistical data, and
 	 projected data. Form your own conclusions. Perhaps the
 	 NSA has found a polynomial-time (read: fast) factoring
 	 algorithm. But we cannot dismiss an otherwise secure
 	 cryptosystem due to paranoia. Of course, on the same
 	 token, we cannot trust cryptosystems on hearsay or
 	 assumptions of security. Bottom line is this: in the
 	 field of computer security, it pays to be cautious. But
 	 it doesn't pay to be un-informed or needlessly paranoid.
 	 Know the facts."
 		-- infiNity, The PGP Attack FAQ

Version: GnuPG v1.4.0 (FreeBSD)
Comment: What is this gibberish?


More information about the Gnupg-users mailing list