Security of 3DES

Peter Lebbing peter at
Tue Sep 3 18:49:07 CEST 2013

My main point is furtheron because I reply inline

On 02/09/13 06:04, Henry Hertz Hobbit wrote:
> CAST5 is a good last choice because some of the time that is all others can
> handle. Make sure CAST5 is always a last or next to last choice because that
> may be all that they can do with a limited horsepower box.

I have to assume "can handle" here means: get good encryption speed. Because:

> You may even want 3DES as a last option for those that got stuck there for
> some reason.

We /are/ talking OpenPGP here, so any implementation is required to be able to
handle 3DES. There is no OpenPGP-conformant implementation that will do CAST5
but not 3DES. Also, 3DES is always in your preference list; if not explicitly,
it's implicitly added as the least-preferred algorithm (i.e., at the end of the

> Compression?  The symmetric ciphers seem to always have better compression
> than either zlib (gzip) or zip.

To expand on what Johan Wevers said: symmetric ciphers do not change the length
of the encrypted text (by more than the block size). They certainly do not
compress. Usually, data is compressed before encrypting it (compressing it after
is pretty useless). If you set your key preferences to not allow compression,
files encrypted to your key will not be smaller than the original files.

> Time marches on and what was good 10+ years ago (3DES) is no match for modern
> CPU power.

*Here is my main point* which made me decide to reply.

3DES is safe. It's incredibly safe! How is it no match for modern CPU power?
There are no practical attacks on 3DES. What are you trying to say?

> 4. If possible, the backup of the keys themselves in an an enciphered file

A passphrase on a key is already encryption and it is useless to encrypt it more
beyond that.

> Alternatively, 7-zip could be used with its built-in AES128 bit cipher

... which just creates a useless dependency on a piece of software you might not
be able to get for your computer in 10 or 20 years, IMHO. Put a passphrase on
the key and presto, nothing more needed.



I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <>

More information about the Gnupg-users mailing list