Hash algo for Gnupg

Vlad "SATtva" Miller sattva at pgpru.com
Fri May 9 11:45:23 CEST 2008


Funaki, Yasuhiro (07.05.2008 10:31):
> Dear expert,
> 
> I understand as below when hash is used at decrypting operation.
>> Hash algo is used to generate a key to decrypt a private key from
> passphrase at decrypting operation.
> When above my understanding is correct,
> could you advice me how to specify the hash algo at generating key pair
> and how to change hash algo after generating key pair?

Such application of hashing algorithm is called String-to-Key (or S2K
for simplicity): it crunches variable-length passphrase into a
fixed-length string used as a decryption key. In order to specify a hash
for S2K operations, use --s2k-digest-algo <algo_ident> (or place it in
gpg.conf): all newly generated keys will use that hash. Now if you want
to change S2K hash algorithm of an existing key, just change passphrase
(even to the same value) of that key.

> Regards
> Yasuhiro
<snip stupid disclaimer>


-- 
SATtva | security & privacy consulting
www.vladmiller.info | www.pgpru.com


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 513 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20080509/72c39f84/attachment.pgp>


More information about the Gnupg-users mailing list