What is the default symmetric cipher?

David Shaw dshaw at jabberwocky.com
Mon Feb 23 14:34:38 CET 2004


On Wed, Feb 18, 2004 at 03:46:13PM -0500, Ian Emmons wrote:
> What cipher algorithm is used when the --symmetric option is specified but
> the --cipher-algo option is not?
> 
> I attempted to answer this question myself.  I encrypted a file using each
> of the following commands:
> 
>     gpg --symmetric --output hello.gpg hello.txt
>     gpg --symmetric --cipher-algo 3DES --output hello-3DES.gpg hello.txt
>     gpg --symmetric --cipher-algo CAST5 --output hello-CAST5.gpg hello.txt
>     gpg --symmetric --cipher-algo BLOWFISH --output hello-BLOWFISH.gpg
> hello.txt
>     gpg --symmetric --cipher-algo AES --output hello-AES.gpg hello.txt
>     gpg --symmetric --cipher-algo AES192 --output hello-AES192.gpg hello.txt
>     gpg --symmetric --cipher-algo AES256 --output hello-AES256.gpg hello.txt
>     gpg --symmetric --cipher-algo TWOFISH --output hello-TWOFISH.gpg
> hello.txt
> 
> These commands use all of the cipher algorithms listed when I run the
> --version option.  In each case I used the same passphrase.
> 
> I expected that the output of the first command would match the output of
> one of the others, and that this would tell me what the default algorithm
> is.  Unfortunately, the output of the first command matched none of the
> others.  What algorithm is the first command using?

You didn't say what version of GnuPG you were using, but unless you
have it set in your gpg.conf file to something else, it's probably
CAST5.

You can tell what cipher was used by decrypting the file with the -v
(for verbose) flag set.

David



More information about the Gnupg-users mailing list