How can I find the default KDF for my version of GPG?

Question

I am trying to find the default KDF for my version of gpg:

gpg (GnuPG) 2.2.6
libgcrypt 1.8.2

Does anyone know how?

Hi Forest! Could you tell me how you know that? Thanks. – Patriot Jun 03 '18 at 05:11 — Patriot, Jun 03 '18 at 05:11
https://tools.ietf.org/html/rfc4880#section-3.7 – forest Jun 03 '18 at 07:49 — forest, Jun 03 '18 at 07:49

score 2 · Accepted Answer · edited Oct 07 '21 at 08:14

2

GnuPG uses an algorithm called S2K (String-to-Key). This isn't unique to GnuPG, and is actually part of the official OpenPGP standard, specifically RFC 4880 § 3.7. The strongest version of this KDF, version 3, works by repeating the key and the salt many times and hashing the whole result.

The specific hash algorithm used is specified with --s2k-digest-algo.

edited Oct 07 '21 at 08:14

Community

1

answered Jun 03 '18 at 07:56

forest

64,616
20
206
257

How can I find the default KDF for my version of GPG?

1 Answers1