Setting encryption algorithm for specific key

David Shaw dshaw at jabberwocky.com
Wed Nov 20 23:58:53 CET 2013


On Nov 20, 2013, at 5:33 PM, Johan Wevers <johanw at vulcan.xs4all.nl> wrote:

> Hello,
> 
> I communicate with someone whose key tells me it supports IDEA, and
> since that's my preferred algorithm my gpg uses it to encrypt the
> message. However, her setup does not in fact support it (any more, it
> used to do in the past). Re-signing the key is no option, this is as
> computer-literate as she'll get.
> 
> I have now hardcoded cipher-algo in gpg.conf but is there an option I
> can select a specific cipher-algo for a particular key or recipient?

Not really.  This is one of the limitations of the preference algorithm in OpenPGP (well, a limitation of most algorithms): GIGO.  There is no easy workaround for a key falsely claiming support for a particular algorithm.

If you really can't get her to change her key, probably the best you can do is use personal-cipher-prefs to remove IDEA from the list of algorithms you'll consider.  That's a good bit better than hardcoding a particular algorithm, but is still global rather than per key or recipient.

There is an ugly hack you could use, which would be to create a dummy key, and set the preferences to not include IDEA.  Then make a group alias for her name that includes both her real key, and the dummy key.  Thus, when encrypting to the alias, you'll be encrypting to both her and the dummy.  Since the dummy doesn't allow IDEA, IDEA cannot be chosen overall.  That's per recipient, but pretty messy.

David
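
Added example, not part of the original message and not GnuPG's code: a simplified Python model of the selection rule the reply relies on, where the chosen cipher must be acceptable to every recipient key and 3DES is implicitly acceptable (RFC 4880). It compares the personal-cipher-prefs workaround with the dummy-key group alias. The key names, preference lists, and function names are constructed for illustration, and picking the sender's first acceptable preference is an assumption of the model.

```python
# Simplified model of OpenPGP cipher selection; constructed, not GnuPG's code.
MANDATORY = "3DES"  # RFC 4880: implicitly at the end of every preference list

def usable_ciphers(recipient_prefs):
    """Ciphers that every recipient key claims to accept (3DES always counts)."""
    common = None
    for prefs in recipient_prefs:
        claimed = set(prefs) | {MANDATORY}
        common = claimed if common is None else common & claimed
    return common or {MANDATORY}

def choose_cipher(recipient_prefs, personal_prefs):
    """Sender's most preferred cipher that is usable for all recipients."""
    common = usable_ciphers(recipient_prefs)
    for algo in personal_prefs:
        if algo in common:
            return algo
    return MANDATORY

def expand(names, groups, keyring):
    """Resolve recipient names through group aliases to key preference lists."""
    return [keyring[key] for name in names for key in groups.get(name, [name])]

# Constructed keyring: preference lists as advertised by each key.
KEYRING = {
    "her-real-key": ["IDEA", "AES256", "CAST5", "3DES"],  # claims IDEA, cannot decrypt it
    "dummy-key": ["AES256", "CAST5", "3DES"],             # preferences set without IDEA
    "other-friend": ["IDEA", "AES256", "3DES"],           # genuinely supports IDEA
}
WITH_IDEA = ["IDEA", "AES256", "CAST5", "3DES"]   # sender prefers IDEA
WITHOUT_IDEA = ["AES256", "CAST5", "3DES"]        # personal-cipher-prefs workaround
GROUPS = {"her": ["her-real-key", "dummy-key"]}   # group alias workaround

def scenarios():
    pick = lambda names, groups, personal: choose_cipher(
        expand(names, groups, KEYRING), personal)
    return {
        "baseline, her": pick(["her-real-key"], {}, WITH_IDEA),
        "personal prefs, her": pick(["her-real-key"], {}, WITHOUT_IDEA),
        "personal prefs, friend": pick(["other-friend"], {}, WITHOUT_IDEA),
        "group alias, her": pick(["her"], GROUPS, WITH_IDEA),
        "group alias, friend": pick(["other-friend"], GROUPS, WITH_IDEA),
    }

if __name__ == "__main__":
    for case, cipher in scenarios().items():
        print(f"{case}: {cipher}")
```

In this model the personal preference change also stops IDEA being used for the friend who does support it, while the group alias changes the outcome only for the aliased recipient.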



