RE: Who protects the private key (was: Changing the encryption algorithm used for PGP/GPG private key)

2022-02-20 Thread Daniel Colquitt via Gnupg-users
> Has it really been that long? ... No, it has not been: a free-start collision was > found on the SHA-1 compression function in 2015, less than > 7 years ago. > > As far as I know, a single collision pair ("SHAttered") has been produced, > using about 9 months on a very large cluster, against the

Re: Who protects the private key (was: Changing the encryption algorithm used for PGP/GPG private key)

2022-02-19 Thread Daniel Colquitt via Gnupg-users
> On 19 Feb 2022, at 14:52, Werner Koch wrote: > > gpg does not encrypt private keys. This is done by gpg-agent. The > method how the keys are protected internally are out of scope for > OpenPGP. See gnupg/agent/keyformat.txt for the specification of the > internal format. Apologies for con

Re: Changing the encryption algorithm used for PGP/GPG private key

2022-02-19 Thread Daniel Colquitt via Gnupg-users
Hi Vedaal, > Try this: > In gpg.conf file add the option of > --expert > and in personal preferences, list only AES 256, > Not the other strengths. > Keep all of the s2k options you listed, and try generating a new key again > Vedaal Many thanks for the suggestion, but I’m afraid that this stil

RE: Changing the encryption algorithm used for PGP/GPG private key

2022-02-18 Thread Daniel Colquitt via Gnupg-users
Thanks for responding, Ingo. > As far as I can tell `man gpg` does not claim that any of these settings > influence the encryption of secret keys. According to the manual, the --s2k-* flags control

RE: Changing the encryption algorithm used for PGP/GPG private key

2022-02-18 Thread Daniel Colquitt via Gnupg-users
Just to follow up that this isn't a gpgwin problem. I have a Debian installation and generated a test key using GnuPG and the same gpg.conf file. Here is the output > gpg --list-packets test.key > # off=0 ctb=95 tag=5 hlen=3 plen=1862 > :secret key packet: >version 4, algo 1, created 164

Changing the encryption algorithm used for PGP/GPG private key

2022-02-14 Thread Daniel Colquitt via Gnupg-users
I've read various tutorials and posts regarding changing the algorithm used to encrypt my private PGP keys. However, nothing I have tried seems to work. I am using gpg4win: > gpg (GnuPG) 2.3.4 > libgcrypt 1.9.4 > Copyright (C) 2021 g10 Code GmbH > License GNU GPL-3.0-or-later