2

I have a couple of questions on the security of gpg/gpg2 using symmetric encryption. They are (I imagine) very basic, so apologies if they are documented somewhere. The thing is, I don't know what to search for to find the answers.

  • Using gpg2 in the following way:

    gpg2 -c file.txt

    only encrypts the file using the default cipher (CAST5) using the key I supply on stdin only, and has nothing whatsoever to do with my RSA/SHA keys for my user, i.e. decrypting the file using gpg2 on any other machine with any other user would be absolutely fine? (I imagine getting it to sign the file goes into the nitty-gritty of this, but I have no interest in that.)

  • The man page says that using the --cipher-algo argument violates the OpenPGP standard; why? What's wrong with me setting it to a different cipher?
  • I have this (probably pathetic) feeling that AES256 is the way to go for maximum security; are there any significant differences, or things I should be aware of, in the security between it and CAST5?
  • Why sign files?

Any help would be much appreciated!

2 Answers

5

Using gpg2 in the following way: gpg2 -c file.txt only encrypts the file using the default cipher (CAST5) using the key I supply on stdin only, and has nothing whatsoever to do with my RSA/SHA keys for my user [...]

Correct.

The man page says that using the --cipher-algo argument violates the OpenPGP standard; why?

The manpage does not say that, it just says that it "allows you to violate the OpenPGP standard". The reason is that your version of gpg2 might support ciphers that are not part of the OpenPGP standard; if you use those, you are violating the standard (and others might not be able to decrypt your message). If you don't use the option, gpg2 will automatically use a cipher from the standard.

I have this (probably pathetic) feeling that AES256 is the way to go for maximum security; are there any significant differences, or things I should be aware of, in the security between it and CAST5?

Well, the only thing you can say for certain about a cipher's security is whether there are any known attacks against it. There are none (at least no practical ones) against either AES-256 or CAST-5, so both are considered secure. Anything beyond that is speculation.

Why sign files?

Signing a file proves that it was signed by the person who has the private key it was signed with. That provides assurances that the data was not tampered with; this is generally independent of encryption (which ensures no one without the key can read the message). So the two have different goals (though they are often used together).

For example: You encrypt a contract to make sure it stays secret; you sign a contract to give others a proof that you read and approved it, and to prevent others from changing it.

3
  • Correct. Only the supplied key and algorithm are used to encrypt it.

  • OpenPGP doesn't support all the same algorithms as GnuPG2; you can create a perfectly valid message that the recipient will be unable to read.

  • AES-256 is supposedly a bit stronger, but CAST5 is usually Good Enough.

  • So that it can be proved that they haven't been tampered with.
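
Added example (not part of either answer, and not GnuPG's own code): a small Python parser for the OpenPGP packet headers of a binary `gpg2 -c` output, showing that such a message carries a symmetric-key ESK packet naming the cipher and no public-key packet. The sample bytes are constructed for illustration; the tag and algorithm numbers are those of RFC 4880.

```python
# Added example: walk OpenPGP packet headers (RFC 4880, section 4.2).
CIPHERS = {2: "3DES", 3: "CAST5", 7: "AES128", 8: "AES192", 9: "AES256"}
TAGS = {1: "public-key ESK", 3: "symmetric-key ESK", 9: "encrypted data",
        18: "encrypted data + MDC"}

def _new_length(data, pos):  # -> (length, next_pos, is_partial)
    first = data[pos]
    if first < 192:
        return first, pos + 1, False
    if first < 224:
        return ((first - 192) << 8) + data[pos + 1] + 192, pos + 2, False
    if first == 255:
        return int.from_bytes(data[pos + 1:pos + 5], "big"), pos + 5, False
    return 1 << (first & 0x1F), pos + 1, True  # partial body chunk, more follow

def packets(data):
    """Yield (tag, body) for each packet of a binary (non-armored) message."""
    pos = 0
    while pos < len(data):
        hdr, pos = data[pos], pos + 1
        if not hdr & 0x80:
            raise ValueError("not an OpenPGP packet header")
        body, partial = b"", True
        if hdr & 0x40:  # new-format header: tag in the low six bits
            tag = hdr & 0x3F
            while partial:
                n, pos, partial = _new_length(data, pos)
                body += data[pos:pos + n]
                pos += n
        else:  # old-format header: tag in bits 5-2, length type in bits 1-0
            tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
            width = (1, 2, 4, 0)[ltype]  # type 3: no length, body runs to the end
            n = int.from_bytes(data[pos:pos + width], "big") if width else len(data) - pos
            pos += width
            body = data[pos:pos + n]
            pos += n
        yield tag, body

def describe(data):
    """Report packet kinds, the tag-3 cipher, and whether a public key is involved."""
    found = list(packets(data))
    ids = [b[1] for t, b in found if t == 3 and len(b) > 1]  # octet after version
    return {"packets": [TAGS.get(t, "tag %d" % t) for t, _ in found],
            "cipher": CIPHERS.get(ids[0], "id %d" % ids[0]) if ids else None,
            "uses_public_key": any(t == 1 for t, _ in found)}

# Constructed sample (not real gpg output): tag 3 for AES256, then a tag-18 stub.
SAMPLE = bytes.fromhex("8c0d04090302" "0011223344556677" "ff" "d205" "01deadbeef")
```

On a real file, `gpg2 --list-packets file.txt.gpg` reports the same packet types and cipher id.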
