Question about history of hash and cipher collections

Robert J. Hansen rjh at
Tue Jan 15 20:01:53 CET 2008

Kevin Hilton wrote:
> From what you are saying about cipher/hashes, it sounds as an end user
> of gnupg, it would be best to regularly rotate my personal cipher/hash
> preferences.

Ack!  No.  No.  No.

My advice has been the same for years: unless you know precisely what 
you're doing and why, stick with the defaults.  GnuPG's defaults are 
excellent.  They make good sense.  They interoperate well.  Don't mess 
with them unless you know precisely what you're doing and why.

> And lastly, not to be a conspiracy theorist, but how certain can I be
> that the NSA (who probably employs the single largest collection of
> cryptographers) hasn't discovered "back-doors" or cracks in the
> encryption algorithms?  I always get asked this by my brother, and I'm
> not sure how best to respond.

I get asked this question a lot.  The full answer can be found at:

More information about the Gnupg-users mailing list