NSA backdoors and Set Preferred Cipher
Robert J. Hansen
rjh at sixdemonbag.org
Sun Sep 8 01:38:16 CEST 2013
On 9/7/2013 8:11 AM, Mike Acker wrote:
> i have altered my cipher preference list as follows
Why? Your preference list makes no sense.
> TWOFISH CAST5 BLOWFISH 3DES AES AES192 AES256 CAMELLIA128
> CAMELLIA192 CAMELLIA256
GnuPG and PGP will stop as soon as they hit 3DES. They won't even look
at the rest of the ciphers in your preference list. "Okay, Mike likes
Twofish, but the recipient doesn't support it... then CAST5, but that's
not supported... then Blowfish, again not supported... hey, 3DES. 3DES
is *guaranteed* to be supported. The recipient has to speak 3DES.
Cool. We'll choose 3DES and not even bother with the rest of the list."
> based on recent revelations we should probably not use any
> commercially offered cipher
Which means what, exactly? 3DES came out of IBM in the 1970s, but it's
not a "commercial product" in any sense I can imagine. CAMELLIA came
out of a Japanese telecommunications firm, but it's likewise not a
There are no "commercially offered ciphers" in GnuPG.
More information about the Gnupg-users