Strength of ciphers in PGP?

Robert J. Hansen rjh at
Tue Mar 4 18:18:10 CET 2008

Anonymous wrote:
> Do anyone have links to comparisons of the ciphers traditionally used in
> PGP (IDEA, CAST5, 3DES). Thank you.

Yes.  IDEA is Godzilla, CAST5 is Moth-Ra and 3DES is MechaGodzilla.
They all excel at stomping cities flat and terrorizing inhabitants.  All
that people in Tokyo need to know about them is "when you see them
coming, run for the hills."

The above answer is tongue in cheek, but there's a lot of accuracy in
it.  Unless you're a professional cryptographer, the various
cryptanalytic analyses of the OpenPGP cipher suite are going to be
pretty much meaningless and unhelpful.  For 99% of other people--myself
included--it really reduces down to "they are all believed resistant
against all known forms of cryptanalysis, and are impractical to brute

If you really want to go down this road, it would help if you clarified
your question a lot.  What sort of comparisons?  How many operations are
involved in an encryption cycle?  Decryption cycle?  How much processing
is involved in key setup?  Relative size of code?  Hardware
requirements?  Efficiency?  Best known cryptanalytic attacks?  Etc., etc.

Your question, as phrased, is far too general to give any sort of
meaningful answer except "as far as the layman is concerned, they're
pretty much identical".

More information about the Gnupg-users mailing list