HOWTO: Determine which algorithm used by PGP Whole Disk Encryption

Article:HOWTO60846  |  Created: 2011-11-14  |  Updated: 2011-11-14  |  Article URL http://www.symantec.com/docs/HOWTO60846
Article Type
How To



To find out which algorithm was used on a machine that was PGP Whole Disk encrypted, the pgpwde utility must be used via the command line.

First, navigate to the proper directory:

C:\Program Files\PGP Corporation\PGP Desktop>

If using a 64-bit operating system, the proper directory is:

C:\Program Files <x86>\PGP Corporation\PGP Desktop>


Then run the following command:

pgpwde --status --disk 0 --xml --passphrae "passphrase here".  The following output will appear:

<?xml version="1.0"?>
<pgpwde version="1.0">
  <diskstatus>
    <id>0</id>
    <instrumented>true</instrumented>
    <encryptionprocess>
      <running>false</running>
    </encryptionprocess>
    <sessionkeys>
      <currentkey valid="true" alg="9"/>
      <oldkey valid="false" alg="9"/>
    </sessionkeys>
    <volumes>
      <volume>
        <sectors total="625137664"/>
        <watermark high="625137664"/>
        <id>C</id>
      </volume>
    </volumes>
    <scheme>Partition</scheme>
    <auth>
      <lockout enabled="true"/>
      <failures max="7"/>
      <wdrt used="false"/>
    </auth>
  </diskstatus>
  <version>10.1.2 (Build 50).50</version>
  <timestamp>Mon Nov 14 12:27:24 2011</timestamp>
</pgpwde>


The section "currentkey valid="true" alg="9"/>" lists 9 as the current algorithm.

Alg: 9 corresponds to AES-256.
Alg: 7 corresponds to AES-128.



Article URL http://www.symantec.com/docs/HOWTO60846


Terms of use for this information are found in Legal Notices