Changing preferences

David Shaw dshaw at
Wed Sep 24 06:07:07 CEST 2008

On Sep 23, 2008, at 11:03 PM, Faramir wrote:

>  Well, I wrote what I intend to use as default preferences, but before
> modifying anything I wanted to ask opinions...
> For encryption: AES256 AES192 TWOFISH AES CAST5 3DES (didn't include
> Blowfish because I was told it is not supported by PGP, and also its
> author says people should move to Twofish). I am not sure if Twofish
> uses 256 bits keys, or shorter (according to wikipedia, it can use
> different lengths of keys).

It doesn't matter whether PGP supports Blowfish or not (this actually  
depends on the PGP version - there are varying levels of support).   
What matters for preferences is what *you* like.  If you like  
Blowfish, put it in there.  It doesn't matter if a million or zero  
other programs support it.  Your preferences are purely what you like,  
and whether anyone else supports it is irrelevant.  The protocol takes  
care of not using any cipher that you won't be able to decrypt.

Twofish in OpenPGP is a 256-bit cipher.

> For hashing: SHA256 SHA512 SHA1 RIPEMD160 (I prefer to don't use SHA1
> since it is not as safe as it was supposed to be, and since my key
> doesn't expire, the idea is not having to alter it in shot or medium
> time. SHA512 seems a bit oversized... but I suppose the sender will
> decide what to use. I am not sure if to add the other SHA hashing  
> algo's
> since something with a length that is not 2^n looks a bit unusual to  
> me...).

SHA-384 is actually SHA-512 with 128 bits lopped off.  SHA-224 is  
actually SHA-256 with 32 bits lopped off.  Same algorithms, slightly  
different setup.

> And for compression: ZLIB BZIP2 ZIP Uncompressed
> What is better, to use S1 S2 S2 codes, or the names? I figure using  
> the
> codes would save a bit of space, and since I don't have to keep those
> codes in my memory, it is not a problem for me to enter them that way.

Use the names.  You're not wasting any space on the key, since the  
names are always converted to a single byte each when written onto a  
key.  Plus, the names are just easier.

Now to the big question: is there any reason to change the default  
preferences at all?  No, not really.  The defaults were carefully  
chosen to be good conservative algorithms.  Why change that?  For what  
it's worth, I can say that unlike most poking about and changing  
values in OpenPGP, you can't really hurt yourself changing the  
preferences.  The very worst thing you can do to yourself is end up  
using 3DES for your cipher, and that's just fine (some people even  
select it on purpose).  3DES is very secure, but very slow.


More information about the Gnupg-users mailing list