Discussion:
Specifying symmetric algorithm with WinPT
(too old to reply)
Lazy Guy
2010-12-22 20:25:52 UTC
Permalink
I'm using WinPT with gpg. I know I can specify the algorithm used for symmetric encryption with the command line, but I'm lazy and I really find WinPT convenient.

But WinPT just asks if I want to do a symmetric encryption, it doesn't ask which of the algorithms that gpg 1.4.10 supports I'd like to use. Is there any way of telling WinPT which one to use? Is there any way to tell which one it's defaulting to now?

Lazy Guy
Lazy Guy
2010-12-23 09:15:03 UTC
Permalink
Okay, after posting to the ng it occurred to me to take another look and experiment. So I did a symmetric encryption of a small text file and apparently WinPT is doing symmetric encryption with CAST5.

This is the information WinPT gave me when I used its "list packets" command: "symmetric key encrypted packet: version 4, cipher CAST5, s2k ITER+SALTED, hash SHA1 encrypted data packet: mdc method 0, length 446"

Looking around at various Web sites CAST5 looks pretty old. And from the above information it uses a SHA1 hash, which I probably shouldn't get too paranoid about despite SHA1 being "broken," right?

The question of how to choose which algorithm to use for symmetric encryption in WinPT is still open. Or am I stuck with CAST5?

Lazy Guy
John Wunderlich
2010-12-25 01:49:02 UTC
Permalink
Post by Lazy Guy
Okay, after posting to the ng it occurred to me to take another
look and experiment. So I did a symmetric encryption of a small
text file and apparently WinPT is doing symmetric encryption with
CAST5.
This is the information WinPT gave me when I used its "list
packets" command: "symmetric key encrypted packet: version 4,
mdc method 0, length 446"
Looking around at various Web sites CAST5 looks pretty old. And
from the above information it uses a SHA1 hash, which I probably
shouldn't get too paranoid about despite SHA1 being "broken,"
right?
The question of how to choose which algorithm to use for symmetric
encryption in WinPT is still open. Or am I stuck with CAST5?
Lazy Guy
You can use any algorithm that GPG supports. The easy way is to add
a line to the "gpg.conf" file like:

personal-cipher-preferences S2

which will set the preference to 3DES.

I prefer to use GPGShell instead of WinPT. It functions very much
the same and also provides some graphical configuration screens to
set up GPG as well. < http://www.jumaros.de/rsoft/index.html >

HTH,
John
Lazy Guy
2010-12-25 07:20:24 UTC
Permalink
Post by John Wunderlich
....
You can use any algorithm that GPG supports. The easy way is to add
personal-cipher-preferences S2
which will set the preference to 3DES.
Thanks. I put in "personal-cipher-preferences AES256 TWOFISH CAST5" and that seems to have made it default to AES256 when I tested it. So all I need to do is change the first protocol on that line and I'm all set.
Post by John Wunderlich
I prefer to use GPGShell instead of WinPT. It functions very much
the same and also provides some graphical configuration screens to
set up GPG as well. < http://www.jumaros.de/rsoft/index.html >
I tried GPGShell but didn't like it. I forget exactly why. I tried WinPT afterward and liked it better. Now I just have to settle on which symmetric protocol I want to make my standard.

Lazy Guy

Loading...