Change key prefs; few questions

Chris Poole lists at
Sun Jul 3 10:37:55 CEST 2011


There's no way to change the cipher used for encrypting the private key itself (CAST5 I believe)?

(Not that I would, as I'm sure the default is more than good enough for my needs.)

Also, if I understand correctly, someone trying to brute-force the key would need to guess my passphrase, then pass it through the key stretching algorithm that gpg uses, before trying to decrypt the key. How often does the "work function" defining how long the key stretching process take, get updated? (I can't find an option to make it user configurable.)



On 3 Jul 2011, at 01:38, David Shaw <dshaw at> wrote:

> On Jul 2, 2011, at 3:37 PM, Chris Poole wrote:
>> Hi,
>> I changed the order of preferred ciphers and hash functions using setpref. My public key has changed, but not the fingerprint. 
> That is correct.  Changing the various preferences does not change the fingerprint.  The fingerprint remains constant no matter what you do to the key (changed/new preferences, new subkeys, new user IDs, etc).
>> Is the done thing now to ask anyone with the key to pull the latest version? (I've already updated the keyserver version.)
> You can ask them to update, if you like.  It's up to you if the change you made to the preferred list is important enough.  Some people refresh their keys periodically anyway.
> David

More information about the Gnupg-users mailing list