<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div dir="ltr"></div><div dir="ltr">I would say ChaCha20 is also a strong cipher up there with AES. <span style="background-color: rgba(255, 255, 255, 0); font-style: inherit; font-variant-caps: inherit;">The fact that AES uses lookup table with an index derived from the secret makes general implementations vulnerable to cache-timing attacks. ChaCha20 is not vulnerable to such attacks. (AES implemented through AES-NI is also not vulnerable, but I don’t know if GPG’s implementation of it uses that)</span></div><div dir="ltr"><span style="background-color: rgba(255, 255, 255, 0); font-style: inherit; font-variant-caps: inherit;">It also has the benefit of being made by </span><span style="background-color: rgba(255, 255, 255, 0);">Daniel J. Bernstein, who is the same guy who formulated the Ed25519 curve and fought off the US government in court in declassifying elliptic curve crypto from being a military munition. You can see the RFC for the algorithms here: </span><a href="https://tools.ietf.org/html/rfc7539">https://tools.ietf.org/html/rfc7539</a></div><div dir="ltr"><br>On May 31, 2019, at 11:58 AM, Robert J. Hansen <<a href="mailto:rjh@sixdemonbag.org">rjh@sixdemonbag.org</a>> wrote:<br><br></div><blockquote type="cite"><div dir="ltr"><blockquote type="cite"><span>What is the encryption engine for the current GnuPG.</span><br></blockquote><span></span><br><span>By default, AES. Other algorithms are possible but not recommended.</span><br><span>The only other algorithms I'd recommend are Twofish and Camellia.</span><br><span></span><br><blockquote type="cite"><span>I know IDEA is proprietary so that can’t be used</span><br></blockquote><span></span><br><span>It can be used. 
You'd be insane to actually use it, but that doesn't</span><br><span>change the fact it can be used.</span><br><span></span><br><span>IDEA was broken in 2011-2012 using meet-in-the-middle attacks and a</span><br><span>biclique attack. These aren't attacks on reduced-round variants of</span><br><span>IDEA. The full-strength algorithm has been found vulnerable to</span><br><span>at least two different methods of cryptanalysis. Right now those</span><br><span>attacks aren't terribly significant -- they shave a few bits off the</span><br><span>strength of the cipher -- but those attacks will only get better over time.</span><br><span></span><br><span>I'm unaware of any cryptographer who's still seriously studying IDEA.</span><br><span>It's considered to have taken a hit below the waterline. Please do not</span><br><span>use IDEA for generating new traffic. Please only use IDEA to read</span><br><span>existing traffic.</span><br><span></span><br><blockquote type="cite"><span>If it’s NIST AES that is under the US Government?</span><br></blockquote><span></span><br><span>No. It's a Belgian-designed algorithm with no connection to the United</span><br><span>States government. This algorithm, called "Rijndael", works with a</span><br><span>variety of block sizes and key sizes.</span><br><span></span><br><span>All the United States government did was say "Rijndael with a 128-bit</span><br><span>block size will be our new Advanced Encryption Standard, and AES will</span><br><span>support key sizes of 128, 192, and 256 bits."</span><br><span></span><br><span>That's it.</span><br><span></span><br><blockquote type="cite"><span>Wouldn’t that be in danger of a US back door in the algorithm?</span><br></blockquote><span></span><br><span>No. 
An excellent reason to believe there is no back door comes from the</span><br><span>fact the United States government uses AES to secure its most</span><br><span>confidential information -- it's one of the few algorithms that's</span><br><span>certified for use at the Top Secret level.</span><br><span></span><br><span>_______________________________________________</span><br><span>Gnupg-users mailing list</span><br><span><a href="mailto:Gnupg-users@gnupg.org">Gnupg-users@gnupg.org</a></span><br><span><a href="http://lists.gnupg.org/mailman/listinfo/gnupg-users">http://lists.gnupg.org/mailman/listinfo/gnupg-users</a></span><br></div></blockquote></body></html>