Re: Question about history of hash and cipher collections

Sun, 13 Jan 2008 18:34:27 -0800 

On Sun, Jan 13, 2008 at 05:39:01PM -0600, Kevin Hilton wrote:
> Here was I was able to find about the current hash and cipher choices with gpg
> 
>     Pref Code (n)     Algorithm (name)        PGP 2   PGP 5   PGP 6   PGP 7
>       PGP 6.5.8ckt    GPG 1.0.6
>     s1 *      IDEA    X       X       X       X       X       X *
>     s2        3DES    ---     X       X       X       X       X
>     s3        CAST5   ---     X       X       X       X       X
>     s4        Blowfish        ---     ---     ---     --      X (03)  X
>     s7        AES (128)       ---     ---     ---     X (7.0.1)       X (03)  
> X
>     s8        AES192  ---     ---     ---     X (7.0.1)       X (03)  X
>     s9        AES256  ---     ---     ---     X (7.0.1)       X (03)  X
>     s10       Twofish         ---     ---     ---     X       X (03)  X
>     s11  Camellia128
>     s12  Camellia256
> 
>     * only with IDEA module
> 
>     Digest (Hash) Algorithms
>     Pref Code (n)     Algorithm (name)        PGP 2   PGP 5   PGP 6   PGP 7   
> PGP
> 6.5.8ckt      GPG 1.0.6
>     h1        MD5     X       X       X       X       X       X
>     h2        SHA1    ---     X       X       X       X       X
>     h3        RIPEMD160       ---     X       X       X       X       X
>     h6 +      TIGER192        ---     ---     ---     ---     X (08)  X +
>     h8 *      SHA256  ---     ---     ---     ---     X (07)  X *
>     h9 *      SHA384  ---     ---     ---     ---     X (07)  X *
>     h10 *     SHA512  ---     ---     ---     ---     X (07)  X *
> 
> Just a few questions,
> 

I'm afraid the chart you made was somewhat eaten by word wrap, but it
seems basically sane.  Note that Camellia is not a standard algorithm,
and while it will probably be one eventually, it isn't today.

> #1 - How can I generate this list with newer versions of gpg -- is
> their an internal command that cross-references the s or h numbers
> with the specific ciphers/hashes that are compiled into the module --
> something I can type at the command line?

Yes.  "gpg -v --version" will give you the algorithm numbers along
with the algorithm names.  However, the algorithm numbers are not
really relevant to anything unless you're writing OpenPGP software.
For years now, all programs have referred to AES256 as "AES256" and
not "cipher 9".

> #2 Historically, what ciphers were eliminated -- For example what
> ciphers were in the s5, s6 slots?  Same with the hashes.  I believe
> the TIGER has was equal to s5.  What happened to that hash choice?

S5 was SAFER-SK128 and S6 was reserved for DES/SK.  SAFER was dropped
and nobody ever implemented it.  DES/SK was never even allocated.

You can see the history between RFC-2440 and RFC-4880.  A good number
of algorithms were cleaned up between the two: if it wasn't actually
being used, it got dropped.

David

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to