GPG --symmetric option and passphrases

David Shaw dshaw at
Mon Oct 6 17:17:55 CEST 2008

On Oct 6, 2008, at 10:54 AM, Kevin Hilton wrote:

> When using gpg with the --symmetric flag (as when symmetrically
> encrypting a file with a passphrase), is the passphrase salted and
> hashed?

Yes.  Unless you change that safe default with --s2k-mode.

>  If so, how many times is it hashed, and what hashing
> algorithm is used for this process?

By default, it's 65536 iterations.  The hash algorithm is SHA-1,  
unless you change it with --s2k-digest-algo.

>  Is this controlled by some
> parameter in the gpg.conf file or command line flag?

--s2k-count is what you're looking for:

        --s2k-count n
               Specify how many times  the  passphrase  mangling  is
               This  value  may  range between 1024 and 65011712 inclusive, and
               the  default  is  65536.   Note  that  not  all  values  in  the
               1024-65011712  range  are  legal  and  if  an  illegal  value is
               selected, GnuPG will round up to the nearest legal value.   This
               option is only meaningful if --s2k-mode is 3.

As always, the defaults here are safe.  Don't change them unless you  
know what you're doing.
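
Added example, not part of the original message and not GnuPG's own code: a Python implementation of the iterated and salted S2K (--s2k-mode 3) as specified in RFC 4880 section 3.7.1.3. It shows why only some --s2k-count values are legal (the count is stored as one coded octet) and how the key is derived; the function names and the sample salt and passphrase are constructed for illustration.

```python
import hashlib

EXPBIAS = 6  # fixed exponent bias from RFC 4880 section 3.7.1.3


def decode_count(c: int) -> int:
    """Expand the one-octet coded count into the number of octets to hash."""
    return (16 + (c & 15)) << ((c >> 4) + EXPBIAS)


def encode_count(n: int) -> int:
    """Return the smallest coded octet whose count is >= n (rounds up)."""
    for c in range(256):  # decode_count() is strictly increasing in c
        if decode_count(c) >= n:
            return c
    raise ValueError("count exceeds the largest encodable value (65011712)")


def s2k_iterated_salted(passphrase: bytes, salt: bytes, c: int,
                        key_len: int, digest: str = "sha1") -> bytes:
    """Derive key_len octets from the passphrase with S2K mode 3."""
    if len(salt) != 8:
        raise ValueError("OpenPGP S2K salt is exactly 8 octets")
    data = salt + passphrase
    # The count is in octets; salt+passphrase is always hashed at least once.
    count = max(decode_count(c), len(data))
    full, rem = divmod(count, len(data))
    key, ctx = b"", 0
    while len(key) < key_len:
        h = hashlib.new(digest)
        h.update(b"\x00" * ctx)  # context n is preloaded with n zero octets
        for _ in range(full):
            h.update(data)
        h.update(data[:rem])
        key += h.digest()
        ctx += 1
    return key[:key_len]


if __name__ == "__main__":
    salt = bytes(range(8))            # constructed sample salt
    pw = b"constructed passphrase"    # constructed sample passphrase
    print(hex(encode_count(65536)), decode_count(encode_count(65536)))
    print(hex(encode_count(70000)), decode_count(encode_count(70000)))
    print(s2k_iterated_salted(pw, salt, encode_count(65536), 16).hex())
```

A requested count that is not of the form (16 + m) << (e + 6) is raised to the next value that is, which is the rounding the --s2k-count description refers to.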

