Choosing What Cipher to Use
Default cipher is CAST5. I recommend using the cipher AES256, which uses a 256-bit Advanced Encryption Standard (AES) key to encrypt the data. Detailed information on AES can be found at the National Institute of Standards and Technology (NIST)’s Computer Security Resource Center (CSRC).
You can set your cipher in one of the following ways:
- Permanent way : Add
--cipher-algoAES256 to your
- Temporary way : Add flag
--cipher-algowith value AES256 in the command line
gpg uses the first key —created first, in the keyring. You can
pass a different key by passing
$ gpg --default-key 0xGPGKEYID --output plain.txt.gpg --symmetric plain.txt
I advice you to sign the data while encrypting, so you can validate the identity of the sender and to ensure the data is actually being sent by the indicated user.
--sign flag to
$ gpg --default-key 0xGPGKEYID --sign --output plain.txt.gpg --symmetric plain.txt
After the decryption you will see and be able to check the details of the key and the sender.
$ gpg -d plain.txt.gpg gpg: AES256 encrypted data gpg: encrypted with 1 passphrase gpg: Signature made Wed 31 Aug 2022 06:40:57 PM +03 gpg: using RSA key CB9EC70F2421AF067D72F98082876A15311B1F84 gpg: Good signature from "User (alias) <[email protected]>" [ultimate] Primary key fingerprint: CB9E C70F 2421 AF06 7D72 F980 8287 6A15 311B 1F84
This all for this post of the series.