[openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback
Florian Weimer
fw at deneb.enyo.de
Tue Nov 17 22:29:56 UTC 2015
* Kurt Roeckx:
> On Tue, Nov 17, 2015 at 07:10:00PM +0100, Florian Weimer wrote:
>> * Viktor Dukhovni:
>>
>> > If I were to guess, it would be that the base crypto implementations
>> > of IDEA, SEED and binary elliptic curves need to stay. We could
>> > perhaps get away with removing CAST and RIPEMD.
>>
>> Just one data point: CAST5 is still the default for GnuPG when using
>> symmetric encryption.
>
> Not in gnupg 2 afaik.
Debian stable has GnuPG 2.0.26, and it still uses CAST5:
$ gpg2 --batch --passphrase - -c < /dev/null | gpg2 --batch --passphrase - --list-packets
:symkey enc packet: version 4, cipher 3, s2k 3, hash 2
salt 45c1df2dc3dd11c2, count 2490368 (179)
gpg: CAST5 encrypted data
:encrypted data packet:
length: 22
gpg: encrypted with 1 passphrase
:compressed packet: algo=1
:literal data packet:
mode b (62), created 1447798993, name="",
raw data: 0 bytes
gpg: WARNING: message was not integrity protected
GnuPG 2.0 is still “the stable version suggested for most users”,
unfortunately. GnuPG 2.1 has indeed switched to AES-128, but only in
September 2014.
Florian
More information about the openssl-dev
mailing list