{gnupg 2.1.6} Howto change s2k cipher from AES -> AES256?
Werner Koch
wk at gnupg.org
Wed Aug 5 20:34:23 CEST 2015
On Wed, 5 Aug 2015 15:02, dieamme at googlemail.com said:
> Ok, but the secret Keys in "private-keys-v1.d" are
> encrypted with (symmetric) AES128.
[...]
> My question is, why securing the private keys with sha1?
I am not sure whether I understand your question. If you mean the SHA-1
as mentioned in the algo string of the private key files:
    openpgp-s2k3-sha1-aes-cbc
This describes an algorithm using AES in CBC mode for
encryption, SHA-1 for integrity protection and the String to Key
algorithm 3 from OpenPGP (rfc2440).
Thus SHA-1 is not used for protection but to detect tampering of the
encrypted private key. This is the same method as defined by RFC-4880
but using an S-expression encoding.
The decryption part also knows about openpgp-s2k3-sha1-aes256-cbc so to
be prepared for the time we want to change to AES-256. However, it is
questionable whether this will ever be done. Although the entire
construct is safe in practice, it will eventually be replaced by a
modern AEAD method.
Shalom-Salam,
Werner
--
Thoughts are free. Exceptions are regulated by a federal law.
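
The "s2k3-sha1" part of the algo string discussed above, as an added example that is not part of the original message and is not GnuPG code: the iterated and salted String-to-Key (type 3) from RFC 4880 with SHA-1, deriving a 16-octet key (aes) and a 32-octet key (aes256). The function names, passphrase and salt are assumptions made for illustration; how gpg-agent stores the salt and count in its key files is not shown.

```python
import hashlib


def decode_count(coded: int) -> int:
    """Expand the one-octet coded count of RFC 4880, section 3.7.1.3."""
    return (16 + (coded & 15)) << ((coded >> 4) + 6)


def s2k3_sha1(passphrase: bytes, salt: bytes, count: int, key_len: int) -> bytes:
    """Iterated and salted S2K (type 3) with SHA-1 (hypothetical helper).

    'count' is the number of octets fed to the hash, not a round count.
    If the key is longer than one digest (20 octets), further hash
    contexts are used, the n-th one preloaded with n zero octets.
    """
    if len(salt) != 8:
        raise ValueError("S2K salt must be 8 octets")
    data = salt + passphrase
    total = max(count, len(data))  # salt+passphrase is always hashed once in full
    reps, rest = divmod(total, len(data))
    key = b""
    ctx = 0
    while len(key) < key_len:
        h = hashlib.sha1(b"\x00" * ctx)
        for _ in range(reps):
            h.update(data)
        h.update(data[:rest])
        key += h.digest()
        ctx += 1
    return key[:key_len]


# Constructed sample values, not taken from any real key file.
SAMPLE_SALT = bytes.fromhex("0102030405060708")
SAMPLE_PASS = b"correct horse"


def demo():
    count = decode_count(0x60)
    k128 = s2k3_sha1(SAMPLE_PASS, SAMPLE_SALT, count, 16)  # ...-aes-cbc
    k256 = s2k3_sha1(SAMPLE_PASS, SAMPLE_SALT, count, 32)  # ...-aes256-cbc
    return count, k128, k256


if __name__ == "__main__":
    count, k128, k256 = demo()
    print("octets hashed:", count)
    print("AES-128 key  :", k128.hex())
    print("AES-256 key  :", k256.hex())
```

With SHA-1 the 32-octet key needs a second hash context, and its first 16 octets equal the AES-128 key derived from the same passphrase, salt and count.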