Video Screencast Help

PGP Desktop 10.2.1 - Creating New Keys, Advanced Settings/Options

Created: 29 Nov 2012 | 2 comments

Good Afternoon all,

I have very little knowledge of encryption so please excuse me! I'm in the process of creating a new key - I'd like some further information about the options on advanced settings window. Specifically, the 'Cipher' and 'Hashes' options - all are selected by default. Do I need all of these selected? What are the implications of deselecting some of these check boxes etc? 

I did look at the PGP Help files and have searched the community posts but have found no information. Would be grateful for any advice.

Kind Regards


Comments 2 CommentsJump to latest comment

dfinkelstein's picture

Your PGP Key carries with it a set of "supported" algorithms -- ciphers, hashes, and compression techniques.  These are useful so that if someone wants to send you information, they can look at your key, and pick only an algorithm that you advertise that you support.  Similarly, when you encrypt data to someone else, PGP software will look at the recipient key to determine what algorithms your recipient supports and preferrs to use.

In general, people will be communicating with you using AES and SHA-2, and the only time one of the other algorithms will be used is if you are communicating with someone who has a very very old version of PGP software.  If you feel so inclined, you could uncheck CAST, TripleDES, and IDEA.  I would leave at least one non-AES cipher (such as Twofish), and I would turn off MD5, RIPEMD-160, and SHA-1 (if those are on).



David Finkelstein

Symantec R&D

cfdocs's picture

Hi David,

Thank you kindly for explaining this. Very helpful response.