why is CAST5 used instead of AES for seckey encryption?
Robert J. Hansen
rjh at sixdemonbag.org
Sun Jun 17 19:02:11 CEST 2012
On 06/17/2012 11:56 AM, Sam Smith wrote:
> Curious as to why the encryption standard AES is not used to encrypt
> secret keys for GPG?
Because GnuPG predates AES. When GnuPG 1.0 came out AES has yet to be
invented. CAST5-128 was the choice back then, and nobody's changed it
yet -- at least partially because it doesn't need to be changed: there
are no known attacks on CAST5-128.
> Do people generally change the cipher to AES when generating their
> secret key?
This is impossible to answer definitively, because nobody has a
perspective on what the whole of the GnuPG community is doing with our
gpg.conf files. That said, I think you will find only a minority of
users do this. I don't, and I've never heard any of my correspondents
say that they do.
More information about the Gnupg-users