Endpoint Encryption

 View Only

  • 1.  PGP Desktop 10.2.1 - Creating New Keys, Advanced Settings/Options

    Posted Nov 29, 2012 08:44 AM

    Good Afternoon all,

    I have very little knowledge of encryption so please excuse me! I'm in the process of creating a new key - I'd like some further information about the options on advanced settings window. Specifically, the 'Cipher' and 'Hashes' options - all are selected by default. Do I need all of these selected? What are the implications of deselecting some of these check boxes etc? 

    I did look at the PGP Help files and have searched the community posts but have found no information. Would be grateful for any advice.

    Kind Regards

    Chris



  • 2.  RE: PGP Desktop 10.2.1 - Creating New Keys, Advanced Settings/Options

    Posted Nov 29, 2012 03:51 PM

    Your PGP Key carries with it a set of "supported" algorithms -- ciphers, hashes, and compression techniques.  These are useful so that if someone wants to send you information, they can look at your key, and pick only an algorithm that you advertise that you support.  Similarly, when you encrypt data to someone else, PGP software will look at the recipient key to determine what algorithms your recipient supports and preferrs to use.

    In general, people will be communicating with you using AES and SHA-2, and the only time one of the other algorithms will be used is if you are communicating with someone who has a very very old version of PGP software.  If you feel so inclined, you could uncheck CAST, TripleDES, and IDEA.  I would leave at least one non-AES cipher (such as Twofish), and I would turn off MD5, RIPEMD-160, and SHA-1 (if those are on).

    Regards,

     



  • 3.  RE: PGP Desktop 10.2.1 - Creating New Keys, Advanced Settings/Options

    Posted Nov 30, 2012 09:00 AM

    Hi David,

    Thank you kindly for explaining this. Very helpful response.

    Regards

    Chris