GnuPG Defaults
Kevin Hilton
kevhilton at gmail.com
Wed Sep 17 07:27:54 CEST 2008
>
> 3DES is the default cipher for every and all OpenPGP compliant program.
>
>> Any knowledge on why ElGamal was chosen over RSA as the default
>> session key cipher?
>
> I'm not sure what you mean by "session key cipher". Elgamal, like RSA, is a
> public key (aka "asymmetric") algorithm. It was chosen largely because it
> was patent-free, and at the time, RSA was most certainly not.
>
> David
>
>
Just one point of clarification since I'm not using the proper
terminology, but I thought ElGamal/RSA was used only as the asymmetric
algorithm which acted to encrypt/decrypt the session key. As with all
asymmetric key encryption algorithms, each has 3 parts: the key
generator, the encryption algorithm, and decryption algorithm. I
thought however once the encryption key was generated, this key would
be used to encrypt the randomly generated session key -- which would
be later decrypted, and then used as input to the symmetric cipher to
decrypt the ciphertext to plain text.
And lastly -- not to beat a dead horse, but using gnupg 1.4.10
compiled from svn with the IDEA module included -- I generated a new
key and then viewed the key preferences (no changes have been made to
the gpg.conf file -- the file is in its default state). I received
the following as the preferences:
Cipher: AES256, AES192, AES, CAST5, 3DES, IDEA
Digest: SHA1, SHA256, RIPEMD160
Compression: ZLIB, BZIP2, ZIP, Uncompressed
Features: MDC, Keyserver no-modify
Would not this output seem to imply the key was generated with
preference for the AES family over 3DES? I am aware that at a minimum
keys are always created with 3DES included in the cipher preference
list. Possibly both you and I are confusing the idea of default. I
am aware of default in terms of compatibility that 3DES must be
included in any OpenGPG compliant implementation, however I thought as
a "default", gnupg preferred AES over 3DES (as over 1.4.8).
--
Kevin Hilton
More information about the Gnupg-users
mailing list