More questions about: "gpg: WARNING: message was not integrity protected"

Werner Koch wk at
Mon Apr 10 11:34:12 CEST 2006

On Sun, 9 Apr 2006 20:12:33 -0400, David Shaw said:

> AES256 is vastly stronger than most people need in practice.  Heck,
> CAST5 is vastly stronger than most people need in practice.  Even so,

For some application there is one point which makes AES stronger that
CAST5 or similar: AES works on 128 bit blocks whereas the older
algorithms work on 64 bit blocks.  The block size has nothing to do
with the key size but it is important too.  It is connected to the
mode of operation (CFB mode for OpenPGP).

One of the the main reasons to develop AES was to increase the block
size.  A large block size effectivly reduces the probabilty of
duplicate cryptograms which would allow to get some information about
the plaintext.  If you regulary encrypt large amounts (GBs) of highly
sensitive data you are better off with a 128 block size algorithm.



More information about the Gnupg-users mailing list