GnuPG Defaults

[David Shaw]

On Wed, Sep 17, 2008 at 12:41:16AM -0500, Kevin Hilton wrote:
> >> Would not this output seem to imply the key was generated with
> >> preference for the AES family over 3DES?
> >
> > No.
> >
> > The preferences on a key are actually not very preferential.  It's a
> > capability list far more than it is a preference list.  The fact AES
> > comes before CAST5 matters very little.
> >
> > personal-cipher-preferences is what you're thinking of.  This gets set
> > in the gpg.conf file, not on your key.
> >
> >
> >
> 
> Thanks, I was definitely misguided.  However just a quick followup.
> 
> My gpg version contains far more capabilities (ie TWOFISH, BLOWFISH),
> than what was listed in the key.  Why were these not included in the
> "capability list"?

For several reasons, firstly, it's pure crypto conservatism.  Don't
use n+1 algorithms where n could work.  The other reason is more
practical - as can be seen by the never-ending discussion over IDEA,
and the "will version X work with version Y" questions, there is some
benefit to knowing that everyone can handle the same algorithms.  When
the decision was made to only include a subset of algorithms in the
default preference list, PGP didn't fully support preference lists,
and this spawned a whole array of "--pgp6", "--pgp7, "--pgp8" options
to tell GPG who was on the other side.

Nowadays, PGP fully supports preference lists, but we've stuck with
the shorter cipher list.  It's simpler, and simpler is usually better
in the crypto world.

> If I do not specify a personal-cipher-preference or cipher-algo within
> the gpg.conf file, 3DES will always be chosen as the cipher algorithm?

No.  If you don't specify, GPG will take the union of every cipher
preference on every key you are encrypting to.  It will pick the
cipher from that list.  If that list is empty, it will pick 3DES.

David