7

How secure is any data encrypted using the following command:

gpg -o *encrypted_output_file_name* --symmetric --cipher-algo AES256 *file_to_be_encrypted*

Can anyone depend on this to encrypt and archive personal content in a public store?

Please provide details as to which attacks it is vulnerable to, and describe better encryption alternatives if any exist.

Patriot
  • 3,162
  • 3
  • 20
  • 66
Arjun
  • 171
  • 1
  • 1
  • 3

1 Answers1

9

GPG's AES-256 symmetric encryption is believed to be as secure as it is difficult to

  • guess the passphrase
  • or compromise the machine used to perform encryption and decryption.

Guessing the passphrase should be harder if one uses

gpg --s2k-mode 3 --s2k-count 65011712 --s2k-digest-algo SHA512 --s2k-cipher-algo AES256

or equivalently puts in the gpg.conf file:

s2k-mode 3
s2k-count 65011712
s2k-digest-algo SHA512
s2k-cipher-algo AES256

These options increase (to about the maximum possible per the OpenPGP format) the amount of processing to transform a passphrase into a key, hence the resistance to brute-force passphrase search. This is not a substitute to using a hard-to-guess passphrase, but does help significantly.

When encrypting to self, it still makes a lot of sense to use asymmetric encryption: that allows to encrypt without a passphrase, limiting its possible leak to decryption. I use this for automated backups in the cloud (with a different asymmetric key to sign the backups). I can confidently say that nothing on the machines doing the backups allows to decipher the backups.

fgrieu
  • 149,326
  • 13
  • 324
  • 622