# Algorithm Recommendations for OpenPGP?

## wswartzendruber

What are the reasons for not forcing AES256 and SHA256?

----------

## Bircoph

Do you mean gpg defaults? Perhaps, compatabilty issues. You can always setup whatever algorythms you want in your key preperences.

Though, I'll think twice before AES usage. This algorythm is too popular and NSA approved, that means that even if there is no classified techniques to break it, this is the most targeted cipher in the world. So it is advisable to use some other, less popular cipher.

----------

## Veldrin

I have to agree with Bircoph.

In addition, it depends, on what you need in a cipher: if strenght is important, use serpentl; if speed is important use twofish (both were aes finalists).

If you are looking for alternative hashing algorithm, I'd suggest rmd or whirlpool (though i am no expert on the subject). IIRC rmd is as old and strong as sha1, but far less attacked, whirlpool creates a long hash...

just my .02$

V.

----------

## Goverp

 *Bircoph wrote:*   

> ...
> 
> Though, I'll think twice before AES usage. This algorythm is too popular and NSA approved, that means that even if there is no classified techniques to break it, this is the most targeted cipher in the world. So it is advisable to use some other, less popular cipher.

 Conversely, if there are weaknesses, you're most likely to hear of them, 'cos lots of people are looking.  Unpopular ciphers are more likely to have weaknesses, because they've had less testing.

----------

