[Cryptography] Which big-name ciphers have been broken in living memory?

[Peter Gutmann]

Werner Koch <wk at gnupg.org> writes:

>Just for the record: CAST5 is only used by default for symmetric only
>encryption.  This is hopefully only rarely used 

There's a lot of people using GPG for file encryption, which means CAST5.  I
found this out the hard way a few years ago when I removed CAST5 support (I
was unable to identify anything other than GPG that still used it), and then
had to quickly back out the change when people complained that they couldn't
decrypt GPG-encrypted files any more.

Peter.