[Cryptography] Which big-name ciphers have been broken in living memory?

Werner Koch wk at gnupg.org
Sun Aug 17 15:39:55 EDT 2014


On Sun, 17 Aug 2014 17:56, pgut001 at cs.auckland.ac.nz said:

> I think this applies mostly to GPG though, which still uses crazy defaults
> like CAST5 as its standard cipher.

Just for the record: CAST5 is only used by default for symmetric-only
encryption.  This is hopefully only rarely used and if so, the cipher
algorithm should have been given on the command line to match what has
been negotiated out of band with the recipient.  CAST5 used to be the
drop-in replacement for IDEA.  Most of these decisions have been made by
the OpenPGP WG for PGP-2 (1992) backward compatibility.  It is hard to
kill that feature.

For normal asymmetric encryption AES has been the preferred algorithm for
more than a decade.


Salam-Shalom,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.


