Question about history of hash and cipher collections

Robert J. Hansen rjh at sixdemonbag.org
Mon Jan 14 23:40:49 CET 2008


Jorgen Christiansen Lysdal wrote:
> Which leads me to a question. Since I don't like that gpg falls back to 
> 3DES, if a cipher cannot be agreed opon. Would it be possible to change 
> it to AES256 or something, in a relative easy way? Maybe a small change 
> to source, and building myself? (BTW, thanks for gpg4win making it easy)

What's wrong with 3DES?  It's ridiculously slow, of course, but even 
after all these years it's still sturdy as a Soviet workers' housing bloc.

Anyway, to answer your question... not in a way which will interoperate 
well.  According to 2440, 3DES is the only MUST symmetric algorithm, 
which means it will be supported by all clients.

If you're willing to take the interoperability hit, I would suggest 
looking into g10/pkclist.c line 1263, "select_algo_from_prefs".  That 
appears to be the best place to hack in what you have in mind.




More information about the Gnupg-users mailing list