NSA backdoors and Set Preferred Cipher

Pete Stephenson pete at heypete.com
Sat Sep 7 22:30:07 CEST 2013


On Sat, Sep 7, 2013 at 2:11 PM, Mike Acker <mike_acker at charter.net> wrote:
> a lot of information has been reported recently regarding NSA an back-door
> entries behind digital encryption
>
> attached are some notes I offered recently on the MINT forum
>
> i have altered my cipher preference list as follows
>
> TWOFISH CAST5 BLOWFISH 3DES AES AES192 AES256 CAMELLIA128 CAMELLIA192
> CAMELLIA256
>
> based on recent revelations we should probably not use any commercially
> offered cipher

Hi Mike,

Interesting. Would you care to explain your logic as to why you set
the preferences in that particular order?

In particular, why did you prioritize 3DES over the three AES
variants? I can understand being skeptical of CAMELLIA, as it was
developed commercially, though it has been approved for use by both
the Japanese CRYPTREC project and the European NESSIE project and is
widely available to researchers and cryptographers. That is, it's not
a black box.

Similarly, AES is an open standard and went through rigorous review by
both government and the public cryptographic community.

As far as I'm aware, all the ciphers used in GnuPG have no major,
publicly-known cryptographic weaknesses so the choice as to which ones
to use comes down more to a matter of personal preference and
compatibility reasons.

-- 
Pete Stephenson



More information about the Gnupg-users mailing list