A question about Camellia

David Shaw dshaw at jabberwocky.com
Fri Jan 23 22:36:52 CET 2009 

On Fri, Jan 23, 2009 at 03:55:20PM -0500, Robert J. Hansen wrote:
> Faramir wrote:
> > Don't worry, while I like to change some settings, I also like to
> > "play safe". Even if I could use Camellia, I would not use it to send
> > messages (maybe it would be interesting to be able to receive messages
> > encrypted with it).
> 
> There's no real reason to avoid Camellia, by the way.  It's a trusted
> algorithm, cryppies have a lot of confidence in it -- I'm just part of
> the (vocal) minority which screams that OpenPGP has way too many
> algorithms and we need to start cutting algorithms out.

While I understand, and even agree with many of their points, I tend
to disagree with the "strip it all out" folks.  OpenPGP is designed to
be flexible in dealing with multiple ciphers, and gives its users good
ways to pick a cipher that both the sender and recipient favor.  If
you only want to receive messages encrypted with 3DES, that's your
privilege, and when I send you encrypted mail I (or really, my copy of
GPG) will respect that and send you 3DES.  Similarly, when you send me
a message, it's my priviledge to give a list of ciphers, and it's your
privilege to pick from that list.  Send it in 3DES, and I will accept
that.

Nobody but you and I have any input into the cipher choice when you
and I are communicating.  Which is as it should be.  The flip side of
that, of course, is that you do not have any input into the cipher
choice when I'm communicating with someone else.  Does that mean that
I feel a particular need to use Camellia/Blowfish/Cipher-X?  No, not
really.  But I do want the choice of what I use to be mine.

> I would like
> GnuPG a lot more if it only supported 3DES, SHA-1, SHA256, and DSA/ELG
> keypairs in 1k and 2k sizes.

You have the ability to do pretty much that, but:

[ unknown] (1). Robert J. Hansen <rjh at .......>
     Cipher: AES256, AES192, AES, CAST5, 3DES, IDEA
     Digest: SHA1, SHA256, RIPEMD160
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify

David

More information about the Gnupg-users mailing list