On Sep 17, 2008, at 12:51 AM, Kevin Hilton wrote:
On Tue, Sep 16, 2008 at 11:50 PM, Robert J. Hansen <[EMAIL PROTECTED]> wrote:
Kevin Hilton wrote:
I'm sure it's probably contained in one of the RFCs, however when were DSA signing keys and ElGamal Encryption keys, along with the AES-256 cipher and SHA1 digest chosen as the defaults for key generation? Any particular reasons these were chosen as the defaults?

DSA-1024 is a MUST in the RFC, and therefore is interoperable with every conforming OpenPGP implementation. Likewise with SHA-1.

AES is a SHOULD, and is interoperable with the great majority of OpenPGP applications (PGP 7.1+).

As DSA-2048 and DSA-3072 support becomes more commonplace (read: as people migrate away from older versions of PGP and GnuPG, a process that takes astonishingly long), you can expect to see the defaults change. I don't know too many people who are still enthusiastic about DSA-1024, although it's still considered infeasible to break it.

I'm slightly confused. I thought in terms of GnuPG - AES256 was the default cipher as of version 1.48. I thought 3DES was still the standard cipher according to the OpenPGP spec. I don't use PGP, however it would seem that you were implying 3DES is still the default cipher type in this product?

3DES is the default cipher for each and every OpenPGP compliant program.

Any knowledge on why ElGamal was chosen over RSA as the default session key cipher?

I'm not sure what you mean by "session key cipher". Elgamal, like RSA, is a public key (aka "asymmetric") algorithm. It was chosen largely because it was patent-free, and at the time, RSA was most certainly not.

David
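
The cipher negotiation behind the "3DES is the default" point, as an added example that is not part of the original thread or of GnuPG's code: under RFC 4880 section 13.2 a sender may only use a cipher that every recipient's key lists, and 3DES is tacitly at the end of every list. The function names, the sample preference lists and the ranking rule (lowest summed position wins) are assumptions of this sketch.

```python
# Added example: OpenPGP symmetric-cipher selection (RFC 4880, section 13.2).
# Algorithm IDs are the ones assigned in RFC 4880, section 9.2.
TRIPLE_DES = 2
CIPHER_NAMES = {2: "3DES", 3: "CAST5", 4: "Blowfish", 7: "AES128",
                8: "AES192", 9: "AES256", 10: "Twofish"}


def effective_prefs(prefs):
    """Return a key's cipher preferences with 3DES tacitly appended.

    3DES is the MUST-implement cipher, so a key that does not list it
    (or carries no preferences at all) still accepts it as last choice.
    """
    seen, out = set(), []
    for algo in prefs:
        if algo not in seen:  # drop duplicates, keep first position
            seen.add(algo)
            out.append(algo)
    if TRIPLE_DES not in seen:
        out.append(TRIPLE_DES)
    return out


def choose_cipher(recipient_prefs, supported):
    """Pick a cipher that every recipient lists and the sender implements.

    Ranking is an assumption of this sketch: the lowest summed position
    across all recipients wins, ties going to the first recipient's order.
    Real implementations are free to rank the common set differently.
    """
    lists = [effective_prefs(p) for p in recipient_prefs]
    if not lists:
        return TRIPLE_DES
    common = [a for a in lists[0]
              if a in supported and all(a in other for other in lists[1:])]
    if not common:  # only possible if the sender lacks 3DES itself
        raise ValueError("sender does not implement 3DES")
    return min(common, key=lambda a: sum(l.index(a) for l in lists))


if __name__ == "__main__":
    # Constructed sample keys: a current key, an older key, a key with no prefs.
    modern, older, bare = [9, 8, 7, 2], [3, 2], []
    mine = {2, 3, 7, 8, 9}
    for rcpts in ([modern], [modern, older], [modern, bare]):
        print(rcpts, "->", CIPHER_NAMES[choose_cipher(rcpts, mine)])
```

A single recipient with an older or preference-less key is enough to pull the whole message down to 3DES, which is why a MUST algorithm ends up as the practical interoperability baseline.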