Selecting cipher to generate a key pair

vedaal at vedaal at
Fri May 1 20:41:04 CEST 2009

"Smith, Cathy" <cathy.smith () pnl ! gov> wrote on
Date: 2009-05-01 16:08:44 :

>I have a customer who can not accept our pgp public key.
>They are asking for a specific cipher to be used in generating the
>public key.

this sounds like there might be a 'problem' ...

there are people who 'can' use 'any' cipher, but prefer a particular one,
or have a company policy to use a specific one, e.g. AES-256 or

and there are people whose programs can use only 'one' cipher, and 
no others

at the risk of taking 'wild guesses' ;-)
the only situations i can think of where a person 'cannot' accept 
anything other than one cipher are:

[1] a die-hard pgp 2.x user who needs a v3 key using IDEA
(yes, they still exist, but probably won't survive the move to 64 
bit systems)

[2] a company that is bound by some standard to use AES or 3DES
(i can't imagine any company really insisting on 'only Blowfish' 
and nothing else ;-) )
[ anyway, it was 'cracked on 24' and shown on network tv to have a 
'backdoor' ;-) ]

{please excuse the 'semi-off' geek humor, 
blowfish has 'no' backdoor and is still quite secure, 
no matter what hollywood writers say ;-)) }

if you have situation [1], you are out of luck using any current 
gnupg or pgp,
(there was a post on how to do this with an older gnupg version, 
but it would be much simpler to just use pgp2.x to generate it)

if you have situation [2],
it is much easier,

temporarily put the following 2 lines in your gpg.conf

s2k-cipher-algo name ('name' is the name of the cipher your client 

then save your gpg.conf
and run

gpg --gen-key

the key will be generated with the cipher your client wants

if this still doesn't help,
then please post 'exactly' what you need done


