Encryption Algorithm for GnuPG?

Robert J. Hansen rjh at sixdemonbag.org
Fri May 31 17:58:48 CEST 2019

> What is the encryption engine for the current GnuPG.

By default, AES.  Other algorithms are possible but not recommended.
The only other algorithms I'd recommend are Twofish and Camellia.

> I know IDEA is proprietary so that can’t be used

It can be used.  You'd be insane to actually use it, but that doesn't
change the fact it can be used.

IDEA was broken in 2011-2012 using meet-in-the-middle attacks and a
bicliques attack.  These aren't attacks on reduced-round variants of
IDEA.  This is the full-strength algorithm has been found vulnerable to
at least two different methods of cryptanalysis.  Right now those
attacks aren't terribly significant -- they shave a few bits off the
strength of the cipher -- but those attacks will only get better over time.

I'm unaware of any cryptographer who's still seriously studying IDEA.
It's considered to have taken a hit below the waterline.  Please do not
use IDEA for generating new traffic.  Please only use IDEA to read
existing traffic.

> If it’s NIST AES that is under the US Government?

No.  It's a Belgian-designed algorithm with no connection to the United
States government.  This algorithm, called "Rijndael", works with a
variety of block sizes and key sizes.

All the United States government did was say "Rijndael with a 128-bit
block size will be our new Advanced Encryption Standard, and AES will
support key sizes of 128, 192, and 256 bits."

That's it.

> Wouldn’t that be in danger of a US back door in the algorithm?

No.  An excellent reason to believe there is no back door comes from the
fact the United States government uses AES to secure its most
confidential information -- it's one of the few algorithms that's
certified for use at the Top Secret level.

More information about the Gnupg-users mailing list