Update outdated default preferences
Closed, ResolvedPublic

Description

I hope this patch is acceptable in something like its present form. If
so, I'll write up the documentation updates as well. (But I suspect it
may spark some discussion.)

It updates some rather outdated defaults hard-wired into GnuPG:

  1. Default cipher algorithm: CAST5 -> AES256
  2. Default digest algorithm: SHA1 -> SHA512
  3. Default S2K hash algorithm: SHA1 -> SHA256
  4. Default S2K iterations: 255 (this takes about 400ms in E2E, not

sure about GnuPG timing)

  1. Modification detection codes always used.
  2. Slightly increased default RSA key-size to better match RSA

key-size recommendations.

  1. Display long key IDs by default. (Would a default of showing

fingerprints be acceptable to folks?)

  1. (Try to) never fall back to MD5, SHA1, or RIPEMD160 unless the user

explicitly requests the use of one of these algorithms.

coruus added a subscriber: coruus.

werner closed this task as Resolved.Aug 6 2014, 10:38 AM
werner claimed this task.
werner lowered the priority of this task from High to Wishlist.
werner added projects: Feature Request, gnupg.
werner removed a project: Bug Report.

This has been discussed at gnupg-users at lengths. You need to read the OpenPGP
standard to understand some of the defaults. For the others you may start yet
another disucssion thread at gnupg-users.

re 4) The iteration count used depends on the machine.

coruus added a comment.Aug 6 2014, 2:28 PM

Thank you for the prompt response.

I am familiar with the standard. The only violation of a MUST I'm aware of is that
recipient and personal digest preferences are ignored for hashes with known attacks;
perhaps some of these changes cause GnuPG to behave badly in other cases?

coruus reopened this task as Open.Aug 6 2014, 2:28 PM
werner closed this task as Resolved.Aug 6 2014, 3:37 PM

There are no known attacks on SHA-1. MD5 is disabled anyway in recent versions.
But please continue at gnupg-users - if you like.