2

I noticed that 7zip provides an option to encrypt the contents of a folder using AES256 (Screenshot Below) and so does GPG using this command:

gpgtar --output <Name_Of_The_Output_File> -v --encrypt --symmetric --gpg-args "--cipher-algo AES256" <directory_to_encrypt>

Is there any difference between the two implementations? Is one more secure than the other?

enter image description here

7_R3X
  • 606
  • 3
  • 12
  • 25

1 Answers1

3

7zip uses AES256 with the settings provided in that screenshot

GnuPG 2.1 Defaults to AES-128 though it supports many many more

3DES, IDEA (since versions 1.4.13 and 2.0.20), CAST5, Blowfish, Twofish, AES-192, AES-256, Camellia-128, -192 and -256 (since versions 1.4.10 and 2.0.12) - ref

For the gpgtar command you provided it would use the same AES-256 algorithm 7zip would use, the only real difference I could see is that one would use the ustar archive format and the Zip compression while the other would use 7z archive format with LZMA2 compression

Compression service in PGP is provided using ZIP Algorithm. - ref

7_R3X
  • 606
  • 3
  • 12
  • 25
CaffeineAddiction
  • 7,517
  • 2
  • 20
  • 40
  • Does that have any (known) security implications? – 7_R3X Aug 24 '21 at 04:22
  • AES is not the interesting part. Everyone uses AES. Which AEAD mode (e.g. GCM, EAX)? Or which block cipher mode and which MAC and how are they combined, if not an AEAD mode (e.g. CTR-HMAC-SHA2, EtM)? Which PBKDF (e.g. scrypt)? Which settings for the KDF? etc. These are the details that matter. I personally recommend using https://github.com/FiloSottile/age – Z.T. Aug 24 '21 at 12:32
  • @7_R3X neither have known security issues at this time – CaffeineAddiction Aug 24 '21 at 14:24
  • It clear that [7zip uses AES in CBC mode](https://crypto.stackexchange.com/a/77548/18298). Do you know the mode of operation of gpgtar? It is not clear without the source code. – kelalaka Aug 26 '21 at 08:47