Question about symmetric AES cipher in GnuPG

Stefan Claas sac at
Sun Oct 27 21:51:24 CET 2019

Damien Goutte-Gattat wrote:

> Hi,
> On Sun, Oct 27, 2019 at 08:25:10PM +0100, Stefan Claas via Gnupg-users wrote:
> >Can you please, or somebody else, explain in laymen terms why this is 
> >so?
> Simply put, gpg and openssl enc don’t use the same file formats.  
> Different formats may encode the same data differently, so you can’t 
> expect the two outputs to be similar or to be of a similar size.
> In GnuPG’s case, the format is the one defined by the RFC 4880 standard 
> [1]. I don’t know what is the format used by OpenSSL, but some of the 
> differences with GnuPG’s format include:
> * GnuPG adds a “Modification Detection Code” to the encrypted data;
> * GnuPG also adds some metadata, including the name of the original 
>   file.
> Those differences alone already explain easily why the file generated by 
> GnuPG is bigger.
> Cheers,
> - Damien
> [1]

Thanks for the explanation! I will then check the RFC to see if I can
find how many bytes the 'Modification Detection Code' and the meta data


box: 4a64758de9e8ceded2c481ee526440687fe2f3a828e3a813f87753ad30847b56
  certified OpenPGP key blocks available on

More information about the Gnupg-users mailing list