Phil H wrote: > I applied the patch to gpg source and compiled as > recommended in the loop-AES.README. Appears to work > ok. > > Is there any easy way to tell if iteration actually > has been "slowed down by 128 times" ie that the > patched gpgp is working as it should? If you decrypt a file that was encrypted using symmetric cipher only using unpatched gpg, then debug output says count 96 $ gpg --decrypt -v -v <symmetric-encrypted-file.gpg >/dev/null ^^^^^ :symkey enc packet: version 4, cipher 7, s2k 3, hash 2 salt 9e5efa02e79f57ff, count 96 ^^^^^^^^ But a file created using patched gpg says count 208 :symkey enc packet: version 4, cipher 9, s2k 3, hash 2 salt b412e8ba16e3ece9, count 208 ^^^^^^^^^ The salt is always unique for each file. The important point is to *create* the key file using patched version. Both unpatched and patched versions can decrypt the file by adapting to the count that was recorded to gpg-encrypted file header. Just in case you are wondering why those test key files used by loop-AES "make tests" are encrypted using (unpatched) count 96. That is because of speed. I wan't that script to run fast even on older hardware. -- Jari Ruusu 1024R/3A220F51 5B 4B F9 BB D3 3F 52 E9 DB 1D EB E3 24 0E A9 DD - Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/