Selecting cipher to generate a key pair

Smith, Cathy cathy.smith at
Fri May 1 23:42:26 CEST 2009

Is there a brief explanation available as to how the cipher is used in
generating the private/public keys?  It seems this is separate from the
cipher that is chosen to encrypt my data.



Cathy L. Smith

Pacific Northwest National Laboratory
Operated by Battelle for the
U.S. Department of Energy

Phone:	509.375.2687
Fax:	      509.375.2330
Email:	cathy.smith at

-----Original Message-----
From: gnupg-users-bounces at
[mailto:gnupg-users-bounces at] On Behalf Of Robert J. Hansen
Sent: Thursday, April 30, 2009 9:14 PM
To: Allen Schultz
Cc: gnupg-users
Subject: Re: Selecting cipher to generate a key pair

Allen Schultz wrote:
> What's the default to encrypting/hashing the secret key? And how good
is it?


It's hard to talk about how good it is.  Cryptography is an intensively
mathematical discipline, and most people are not very well-equipped to
discuss those details.

Ultimately, it would be like arguing whether King Kong or Godzilla is
better at urban destruction.  Biologists can argue until the cows come
home which one would be better and why, but from the perspective of your
average inhabitant of Tokyo or New York City the answer is, "Who cares?
 Get out of town _right now_!"

>From the perspective of the overwhelming majority of OpenPGP users,
CAST5-128 does the job just fine.  The only instances I'm aware of in
which CAST5-128 doesn't do the job well are ones where bureaucratic
rules require specific algorithms, and CAST5-128 isn't on that
checklist.  That's a bureaucratic failing, though, not a failing of

Gnupg-users mailing list
Gnupg-users at

More information about the Gnupg-users mailing list