More questions about: "gpg: WARNING: message was not integrity protected"

Robert J. Hansen rjh at
Mon Apr 10 01:44:18 CEST 2006

David Shaw wrote:
> That's sort of an apples and oranges question.  CAST5 is a 128-bit
> cipher.  AES256 is a 256-bit cipher.  Is CAST5 weaker than AES256?
> Yes, but that's that not to say that CAST5 is broken somehow: AES256
> is just twice as large.

Forgive me for being pedantic, but I'd like to make a small
clarification here for the benefit of people who don't understand what
key sizes mean.

The key is twice as large.  That doesn't mean there are twice as many
keys.  It has considerably more than that.

AES256 has about 100,000,000,000,000,000,000,000,000,000,000,000,000
times as many possible keys as CAST5.  The difference between the two is
almost incomprehensible.

Again, apologies for the pedantry.  :)

More information about the Gnupg-users mailing list