Selecting cipher to generate a key pair

Smith, Cathy cathy.smith at
Sat May 2 01:41:03 CEST 2009

Thanks.  I'll try that.


Cathy L. Smith

Pacific Northwest National Laboratory
Operated by Battelle for the
U.S. Department of Energy

Phone:	509.375.2687
Fax:	      509.375.2330
Email:	cathy.smith at

-----Original Message-----
From: Robert J. Hansen [mailto:rjh at] 
Sent: Friday, May 01, 2009 4:39 PM
To: Smith, Cathy
Cc: Allen Schultz; gnupg-users; Hallquist, Roy S Jr
Subject: Re: Selecting cipher to generate a key pair

Smith, Cathy wrote:
> The customer said they have a proprietary implementation that only 
> supports Blowfish or 3DES for the key.  I'm still trying to find out 
> exactly what that means.

Okay, that much makes sense now.

I would suggest adding:

cipher-algo 3DES

... to your .gnupg/gpg.conf file.  This is a sledgehammer solution, and
not one I'd generally recommend; however, the downsides are pretty
minimal.  Then encrypt a message using their public key and send it on
to them.  If they can read it, great.  If they can't, then the problem
is their proprietary implementation of OpenPGP is shoddy.

Incidentally, if your customer is a telecommunications firm, I think I
may know the implementation they're using and some of its more egregious
misfeatures.  Other than that one and PGP Corporation's offering,
though, I have no experience with proprietary OpenPGP offerings.

More information about the Gnupg-users mailing list