gpg: default to AES-256.

* g10/main.h (DEFAULT_CIPHER_ALGO): Prefer AES256 by default. -- It's 2017, and pretty much everyone has AES-256 available. Symmetric crypto is also rarely the bottleneck (asymmetric crypto is much more expensive). AES-256 provides some level of protection against large-scale decryption efforts, and longer key lengths provide a hedge against unforseen cryptanalysis. Signed-off-by: Daniel Kahn Gillmor <[email protected]>
author: Daniel Kahn Gillmor <[email protected]> 2017-09-07 23:04:00 +0000
committer: Daniel Kahn Gillmor <[email protected]> 2017-09-08 18:32:49 +0000
commit: 73ff075204df09db5248170a049f06498cdbb7aa (patch)
tree: ba3f2994a7b307b62aafde61dfa0d07db05fbfbc
parent: gpg: default to 3072-bit RSA keys. (diff)
download: gnupg-73ff075204df09db5248170a049f06498cdbb7aa.tar.gz
gnupg-73ff075204df09db5248170a049f06498cdbb7aa.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/g10/main.h b/g10/main.h
index 87417ee37..48503602b 100644
--- a/g10/main.h
+++ b/g10/main.h
@@ -31,7 +31,9 @@
    (i.e. uncompressed) rather than 1 (zip).  However, the real world
    issues of speed and size come into play here. */
 
-#if GPG_USE_AES128
+#if GPG_USE_AES256
+# define DEFAULT_CIPHER_ALGO     CIPHER_ALGO_AES256
+#elif GPG_USE_AES128
 # define DEFAULT_CIPHER_ALGO     CIPHER_ALGO_AES
 #elif GPG_USE_CAST5
 # define DEFAULT_CIPHER_ALGO     CIPHER_ALGO_CAST5
author	Daniel Kahn Gillmor <[email protected]>	2017-09-07 23:04:00 +0000
committer	Daniel Kahn Gillmor <[email protected]>	2017-09-08 18:32:49 +0000
commit	73ff075204df09db5248170a049f06498cdbb7aa (patch)
tree	ba3f2994a7b307b62aafde61dfa0d07db05fbfbc
parent	gpg: default to 3072-bit RSA keys. (diff)
download	gnupg-73ff075204df09db5248170a049f06498cdbb7aa.tar.gz gnupg-73ff075204df09db5248170a049f06498cdbb7aa.zip