1024 key with large sub key

Werner Koch wk at gnupg.org
Thu Oct 5 09:19:10 CEST 2017

On Wed,  4 Oct 2017 22:29, rjh at sixdemonbag.org said:

> I know this wasn't addressed to me, but what the heck.  I won't share my
> preferences, but this is some modestly-accurate history.

Thanks for sharing the history; here are some of my remarks.

> Twofish became part of the suite of ciphers with PGP 7, and GnuPG had to

Back in 1998/1999 we were keen to have a 128 bit block cipher in
OpenPGP.  The PGP folks and me discussed this and our bets were on
Twofish as a very promising candidate for the AES competition.  Thus we
went for that before we added AES 1.5 years later.

> (I have heard it said Blowfish was introduced to the spec as a fallback
> in case CAST5 turned out to have flaws.  Given how similar CAST5 and

Blowfish used to be the only freely available cipher when I started with
gpg.  Thus it was a natural choice for free software.  The patent state
of CAST5 was not fully clear back then and thus gpg used Blowfish up
until the OpenPGP WG agreed on CAST5 (which was used by PGP-5) and
removed the uncertainty on the patent state.  Blowfish was kept as an
optional algorithm because it was used by gpg.  The OpenPGP preference
system allowed us to do this without running into interop problems.

> I won't bore you with my list of preferred algos, though.  :)

The default algorithms of GnuPG should be a good choice in any case.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: </pipermail/attachments/20171005/411baabe/attachment-0001.sig>

More information about the Gnupg-users mailing list