Is it safe to rename file.gpg to `md5sum file`?

Robert J. Hansen rjh at
Thu Dec 6 00:28:35 CET 2012

On 12/5/2012 6:10 PM, Max Parmer wrote:
> Here's my cite on the CAST weakness:

This falls squarely into the range of theoretical breaks.  Notice that
the attack requires 2**17 chosen plaintexts to all be encrypted with the
same symmetric key.  Since GnuPG uses disposable session keys, this is
pretty much completely irrelevant to GnuPG usage.

More information about the Gnupg-users mailing list