GnuPG. File size limit?

Is there a file size limit for encrypting a single file with GnuPG(1.0.xx,2.0.xx,2.1.xx)?
The file size ranges from about 2GiB to 100GiB. I'm not worried about the 2Gib but I'm not really sure if it's a good idea to encrypt a single 100GiB file. Do I run into problems if I do that or is it perfectly safe to encrypt such large files?
I checked the FAQ on https://gnupg.org/ and only found an article dealing with file size limits of the different ciphers but not if there is a limitation of the program itself. Here is the link to the specific part: https://gnupg.org/faq/gnupg-faq.html#recommended_ciphers

Kind regards

user750967

Posted 2017-07-18T10:03:03.563

Reputation: 43

Probably you know this but I will make it clear for those who don't: GPG is documented either "symmetric" or "asymmetric" encryption. Actually the "asymmetric" encryption uses symmetric underneath, and only uses asymmetric to send/hide the symmetric encryption key. GPG allows specifying the "cipher" used for the symmetric encryption: "--cipher-algo" <- See the online manual [ gnupg.org/documentation/manpage.html ]. There is size limit for some ciphers as explained in YOUR line and grawity's answer. – Craig Hicks – 2018-04-30T22:02:25.297

Answers

Do I run into problems if I do that or is it perfectly safe to encrypt such large files?

The file size limit is Operating System dependent.

--max-output n
                 This option sets a limit on the number of bytes that will  be
                 generated  when  processing  a  file.  Since OpenPGP supports
                 various levels of compression, it is possible that the plain-
                 text  of a given message may be significantly larger than the
                 original OpenPGP message.  While GnuPG  works  properly  with
                 such  messages, there is often a desire to set a maximum file
                 size that will be generated before processing  is  forced  to
                 stop  by  the  OS  limits.   Defaults  to  0, which means "no
                 limit".

Source gpg

DavidPostill

Posted 2017-07-18T10:03:03.563

Reputation: 118 938

There's no limit, only a possible security issue.

The OpenPGP format according to RFC 4880 has no limits on file size (although a single packet is limited to ~4 GiB, the file will simply be stored as a series of partial packets).
Some 32-bit versions of various OpenPGP software might have a limit of 2 or 4 GiB per file. So if you encrypt a file, it's not guaranteed that old computers will be able to decrypt it.

Software compiled for 64-bit should have no problems. (I haven't tested 32-bit GnuPG, but I think it should be fine.)
Make sure to avoid old ciphers using 64-bit block sizes (such as IDEA or Blowfish) due to possible security problems similar to the Sweet32 attack.

Ciphers with larger block sizes, such as AES, have no practical limits, but they didn't become the default in GnuPG until very recently (I think 2.1.x) – and even then, if you're encrypting to someone else, their's old pubkey, it might have "preferences" stored that tell the software to use a specific old cipher.

user1686

Posted 2017-07-18T10:03:03.563

Reputation: 283 655

As gpg can encrypt in pipeline there is no "file size" in such a situation, but rather length of stream. Are you saying that encrypting large byte-streams / files could produce weaker security due to repetitions (or something)? For example, a 1.4 TiB disk image I have could suffer from weakened security, simply due to it's size. – Attie – 2018-08-05T21:33:25.603

There may be no official limits but I have had no success encrypting 10Gb files with Gpg4win with an rsa2048 key. Kleopatra crashed after 56MB's and GPA will encrypt and decrypt the file but I can't open it after creating it. What's more it also creates 0byte checksums of such large files.

user135711

Posted 2017-07-18T10:03:03.563

Reputation: 7