Why do you think that TwoFish is bad? It was invented by Bruce Schneier and was in the last round of the AES competition. I believe it to be the better choice than AES.
Am 20.07.19 um 21:41 schrieb Iain Grant:
2 fish... that in it's self is bad. AES, sure lets all be ok about that.
I also read the article and I realise I still rely on gpg far too much and that I need to ween myself off of it!
Iain
On Sat, Jul 20, 2019 at 8:33 PM qmi (list) <lista@miklos.info> wrote:
Hi,
On 7/19/19 1:34 PM, Stephan Seitz wrote:
> I found the following article about PGP/GnuPG:
> https://latacora.singles/2019/07/16/the-pgp-problem.html
>
> In short you should drop GnuPG because it doesn’t do anything really
> the right way. It should be replaced with different tools for
> different situations.
I checked that article. For e.g. the article says, "If you’re lucky,
your local GnuPG defaults to 2048-bit RSA, the 64-bit-block CAST5 cipher
in CFB, ..."
Wrong. The current implementation of GnuPG shipped by Debian Buster -
version 2.2.12 - does support modern cryptographic standards for
symmetric encryption, not only CAST5. For e.g., it does support twofish
and aes. Both of which use 128-bit block sizes, AFAIK. See command
output for gpg below about supported algorithms:
"
qmi@qmiacer:~$ gpg --version
gpg (GnuPG) 2.2.12
(...)
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
(...)
"
So it's good enough, apparently.
>
> Debian is using GnuPG for signing files. From the article:
>
> Signing Packages
>
> Use Signify/Minisign. Ted Unangst will tell you all about it. It’s what
You may be right, though. That tool might have better bindings for
modern programming languages.
Regards,
--
qmi
Email: lista@miklos.info