>> for ?? historical reasons of compatibility ?? with pgp 5+ >> the default cipher that will be used for encryption, and also for >> protection of the secret key, is CAST-5, not 3DES
>Nope, 3DES is the only MUST cipher algorithm and thus used as the >last-resort if the preference system can't decide upon on the >algorithm. >CAST5 is like IDEA only a SHOULD in OpenPGP as per rfc2440. The >updated OpenPGP (rfc4880) changed this SHOULD algorithms to AES-128 >and CAST5 but kept 3DES as MUST algorithm. So what is GnuPG's default implementation is no symmetric cipher is specified? Since it includes AES-128, CAST5, and 3DES in all recent distributions, does it use AES-128 or 3DES as the default symmetric cipher if no cipher is specified on the command line, or within the sender's gpg.conf file? I would assume that it would look at the preferences of the public encryption key, and likely pick the first cipher on the list. Since in most recent versions of GPG, AES256 is the first algorithm specified (as demonstrated with the showpref command), that the sender in turn would reply with an AES256 symmetrically encrypted message (if possible). If an older version of GPG were being used that didnt support AES, it would likely then choose among rank ordered subsequent algorithms as shown in the setpref commad. Following this logic however, it would seem for me that CAST5 would be chosen preferentially rather than 3DES: Cipher: AES256, AES192, AES, CAST5, 3DES, IDEA Other than for backward compatibility purposes, I thought the encryption community had turned their backs on CAST5, but not 3DES. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
