I know that one can force GnuPG to use AES256 for encryption with
gpg --cipher-algo AES256
or with a special setting in ~/.gnu/gpg.conf.
But what is the default cipher algorithm for GnuPG if I leave out this switch?
TL;DR: For GnuPG 1.0 and 2.0, default is Cast5, for GnuPG 2.1 it is AES-128.
By default, GnuPG will read the recipient's algorithm preferences and take the first algorithm in that list it supports (in other words, it takes the most-preferred supported algorithm the recipient asks for).
If no preferences are given (or --symmetric is used for symmetric encryption using a passphrase), it chooses a "safe" one. Safe means one that must be or should be implemented. Which one this is depends on the version of GnuPG and the compatibility level chosen. You can easily verify this by starting a symmetric encryption, passing one of the compatibility levels (or none, which implies --gnupg):
gpg --verbose --symmetric
gpg: using cipher CAST5
On the other hand, if enforcing strict OpenPGP compliance following RFC 4880, it drops to triple DES:
gpg --rfc4880 --verbose --symmetric
gpg: using cipher 3DES
The same applies if enforcing RFC 2440 using --rfc2440.
GnuPG 2.0 also uses CAST5 with the default --gnupg, while this default was changed to AES-128 in GnuPG 2.1:
LANG=C gpg2 --verbose --symmetric
gpg: using cipher AES
(AES without further specification means AES-128 in GnuPG)
GnuPG 2.1 uses the same algorithms for the RFC-compliant settings.
For digest algorithms, similar algorithm preference inference is performed. If --verbose is set as an option, the used algorithm is printed.
An exception is the Modification Detection Code Packet, which only allows SHA-1 with no algorithm choice as defined by the standard.
The defaults must have changed. The default (in early 2019) for gnupg-1.4.23 is AES128. The default for gnupg-2.1.18 is AES256. The manpages for both versions state that the default is AES128 but that's wrong for gnupg-2.1.18.
To answer this yourself for your version of gnupg, do:
echo hi > testfile        # a small plaintext to encrypt
gpg -c -vv testfile       # -c is --symmetric; -vv prints the cipher gpg picked
rm testfile testfile.gpg  # clean up the plaintext and the ciphertext
After entering the passphrase twice, it'll say something like:
gpg: using cipher AES
gpg: writing to `testfile.gpg'
or:
gpg: using cipher AES256
gpg: writing to 'testfile.gpg'
AES means AES128.
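Both answers above determine the default by reading the "using cipher" line from gpg's verbose output. The script below is an added example, not code from either answer: it wraps that check in a function that can be run per compliance option (--gnupg default, --rfc4880, --rfc2440) and normalises gpg's short "AES" to AES128, and it goes one step beyond the answers by also reading a recipient key's own cipher preference list (the `pref-sym-algos` subpacket that `gpg --list-packets` prints), since for public-key encryption that list, not the symmetric fallback, decides the cipher. Assumptions: the parsers are exercised on constructed sample text embedded below; the live check needs gpg or gpg2 on PATH and, because it uses `--pinentry-mode loopback`, GnuPG 2.1 or later. The algorithm ID table is the one from RFC 4880 section 9.2 plus the Camellia IDs from RFC 5581.

```shell
#!/bin/sh
# Added example (not from either answer). Parsers run on constructed sample
# text; the live check assumes gpg/gpg2 on PATH and GnuPG 2.1+ (loopback pinentry).

# Pull the cipher name out of gpg's --verbose output ("gpg: using cipher AES256").
# Newer releases may append the mode ("AES256.CFB"), so stop at the first dot.
parse_cipher() {
    printf '%s\n' "$1" | sed -n 's/^gpg: using cipher \([A-Za-z0-9]*\).*/\1/p' | head -n 1
}

# gpg prints plain "AES" for AES-128; map it to the --cipher-algo spelling.
normalize_cipher() {
    case "$1" in
        AES) echo AES128 ;;
        *)   echo "$1" ;;
    esac
}

# Symmetric-cipher IDs from RFC 4880 section 9.2 (Camellia from RFC 5581).
sym_algo_name() {
    case "$1" in
        1)  echo IDEA ;;        2)  echo 3DES ;;        3)  echo CAST5 ;;
        4)  echo BLOWFISH ;;    7)  echo AES128 ;;      8)  echo AES192 ;;
        9)  echo AES256 ;;      10) echo TWOFISH ;;     11) echo CAMELLIA128 ;;
        12) echo CAMELLIA192 ;; 13) echo CAMELLIA256 ;;
        *)  echo "unknown($1)" ;;
    esac
}

# Given `gpg --list-packets` output for a public key, print the key's cipher
# preference list in order; gpg takes the first entry it supports.
key_cipher_prefs() {
    ids=$(printf '%s\n' "$1" | sed -n 's/.*pref-sym-algos: \([0-9 ]*\)).*/\1/p' | head -n 1)
    names=""
    for id in $ids; do
        names="$names${names:+ }$(sym_algo_name "$id")"
    done
    printf '%s\n' "$names"
}

# Live check: the cipher the installed gpg picks for --symmetric under one
# compliance option ("" for the default --gnupg, or --rfc4880 / --rfc2440).
default_cipher_for() {
    bin=$1; opt=$2
    tmp=$(mktemp)
    printf 'hi\n' > "$tmp"
    out=$(LANG=C "$bin" $opt --batch --yes --pinentry-mode loopback --passphrase x \
              --verbose --symmetric --output /dev/null "$tmp" 2>&1)
    rm -f "$tmp"
    normalize_cipher "$(parse_cipher "$out")"
}

# Constructed sample of what `gpg --list-packets < key.asc` prints for a key
# whose owner prefers AES256, then AES192, AES128 and finally 3DES.
SAMPLE_PACKETS=':public key packet:
    version 4, algo 1, created 1500000000, expires 0
:signature packet: algo 1
    hashed subpkt 11 len 4 (pref-sym-algos: 9 8 7 2)
    hashed subpkt 21 len 5 (pref-hash-algos: 8 9 10 11 2)'

# Constructed sample of the verbose output quoted in the answers above.
SAMPLE_VERBOSE="gpg: using cipher AES
gpg: writing to 'testfile.gpg'"
```

Source the file and call, for example, `default_cipher_for gpg ""`, `default_cipher_for gpg --rfc4880` and `default_cipher_for gpg2 --rfc2440` to reproduce the comparison table from the first answer on your own installation; `key_cipher_prefs "$(gpg --export KEYID | gpg --list-packets)"` shows which cipher a given recipient would actually get.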