GnuPG Defaults

David Shaw dshaw at
Wed Sep 17 07:07:04 CEST 2008

On Sep 17, 2008, at 12:51 AM, Kevin Hilton wrote:

> On Tue, Sep 16, 2008 at 11:50 PM, Robert J. Hansen <rjh at 
> > wrote:
>> Kevin Hilton wrote:
>>> I'm sure its probably contained in one of the RFC's, however when  
>>> was
>>> DSA signing keys and ElGamal Encryption keys, along with the AES-256
>>> cipher and SHA1 digest chosen as the defaults for key generation?   
>>> Any
>>> particular reasons these were chosen as the defaults?
>> DSA-1024 is a MUST in the RFC, and therefore is interoperable with  
>> every
>> conforming OpenPGP implementation.  Likewise with SHA-1.
>> AES is a SHOULD, and is interoperable with the great majority of  
>> OpenPGP
>> applications (PGP 7.1+).
>> As DSA-2048 and DSA-3072 support becomes more commonplace (read: as
>> people migrate away from older versions of PGP and GnuPG, a process  
>> that
>> takes astonishingly long), you can expect to see the defaults  
>> change.  I
>> don't know too many people who are still enthusiastic about DSA-1024,
>> although it's still considered infeasible to break it.
> Im slighly confused.  I thought in terms of GnuPG - AES256 was the
> default cipher as of version 1.48.  I thought 3DES was still the
> standard cipher according to the OpenGPG spec.  I dont use PGP,
> however it would seem that you were implying 3DES is still the default
> cipher type in this product?

3DES is the default cipher for every and all OpenPGP compliant program.

> Any knowledge on why ElGamal was chosen over RSA as the default
> session key cipher?

I'm not sure what you mean by "session key cipher".  Elgamal, like  
RSA, is a public key (aka "asymmetric") algorithm.  It was chosen  
largely because it was patent-free, and at the time, RSA was most  
certainly not.


More information about the Gnupg-users mailing list