AES-NI, symmetric key generation

Pete Stephenson pete at
Thu Mar 12 11:08:50 CET 2015

On Thu, Mar 12, 2015 at 10:56 AM, Werner Koch <wk at> wrote:
> On Wed, 11 Mar 2015 20:39, pete at said:
>>> One more question: Is there any standardization in output formats
>>> between encryption programs and libraries, for example say you encrypt
>>> with AES128 in CBC, with the same key (directly or via passphrase), and
>>> since the output will have to have, in addition to the actual
>>> ciphertext, algorithm indentification on it, possible pasphrase-to-key,
>>> plus mode-specific data such as the iv/nonce, is there a specification
>>> of the format of how these come in?
>> You'd have to ask Werner, the head developer, about that.
> Sorry, I do not understand the question.  The format is defined by the
> OpenPGP standard or the CMS standard (aka S/MIME).  There are also some
> other less common formats.
> Or is the question how applications present this to the user or whether
> a standard API is defined?  That is not defined by one of these
> protocols.

I (perhaps incorrectly) interpreted the question as "If GnuPG makes
backwards-incompatible changes in the future, would it be possible for
one who knows the encryption algorithm used, key, etc. of a message to
decrypt that message with other, non-GnuPG tools?"

For example, if one knows that CAST5-CFB, ZIP, and salted-and-iterated
S2K was used (as well as the value of the salt and number of
iterations), might one be able to decrypt the message using OpenSSL
and other common utilities? I suspect yes, as the encryption and
compression methods are standards, but doing so would probably be

I could be wrong with both the interpretation of the question and the
answer, though.


Pete Stephenson

More information about the Gnupg-users mailing list