Praetorian

As far as I know, the pure asymmetric encryption process is very slow; that's why PGP, OpenSSL and most other cryptographic software use asymmetric encryption only to encrypt a small piece of random data, called a session key. That session key is used to encrypt the whole message using a fast SYMMETRIC cipher, such as AES, Blowfish, RC4, DES, etc.
As RetroShare uses OpenPGP and OpenSSL for cryptography, it MUST be using some kind of symmetric cipher to encrypt the major part of user data.

The question is: what SYMMETRIC algorithm is used in RetroShare? I hope that it is AES256.
Can you implement the ability to choose this encryption algorithm for the end user?


In the year 2005 a group of software crackers broke a 1024-bit RSA key (using distributed computations) to make a keygen for WinRAR, so a 2048-bit key will be the next goal for codebreakers.

So I'd like to see the ability to choose a key size up to 4096 bits when I create a new key in RetroShare.
I can use GPG for that, of course, but none of my RetroShare friends can deal with GPG.
Svampen

With the upcoming 0.6, you can even use 8k keys.
csoler


According to our cipher list, we're always using AES256, with perfect forward secrecy based on a 4096-bit DH safe prime number.

RS already supports PGP keys larger than 2048 bits, but it does not generate them. It will optionally do so in v0.6. For v0.5, you can generate an RSA/RSA key with gnupg and import the keypair (ASCII file containing both public and private keys) using the identity import from the key creation wizard.
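
Added example, not part of the thread and not RetroShare's code: one way to check an OpenSSL cipher list against the policy described in the reply above (AES-256 only, ephemeral Diffie-Hellman key exchange for forward secrecy). The suite names in `SAMPLE` and the cipher string `DHE+AES256` are constructed for illustration, and accepting ECDHE alongside DHE is an assumption of this sketch.

```python
import ssl

# OpenSSL name prefixes (TLS <= 1.2) for ephemeral Diffie-Hellman key exchange.
EPHEMERAL_KX = ("DHE-", "ECDHE-", "EDH-")

def audit_suite(name):
    """Return the policy problems for one OpenSSL cipher-suite name."""
    problems = []
    if name.startswith("TLS_"):
        # TLS 1.3 suites always use an ephemeral key exchange; check the cipher only.
        if "AES_256" not in name:
            problems.append("not AES-256")
        return problems
    if not name.startswith(EPHEMERAL_KX):
        problems.append("key exchange is not DHE/ECDHE")
    if "AES256" not in name:
        problems.append("not AES-256")
    return problems

def violations(names):
    """Map each non-compliant suite name to its list of problems."""
    report = {n: audit_suite(n) for n in names}
    return {n: p for n, p in report.items() if p}

def expand(cipher_string):
    """Ask the local OpenSSL which suites a cipher string actually enables."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    return [c["name"] for c in ctx.get_ciphers()]

# Constructed sample list (not RetroShare's real configuration).
SAMPLE = [
    "DHE-RSA-AES256-GCM-SHA384",    # compliant
    "DHE-RSA-AES256-SHA",           # compliant
    "AES256-SHA",                   # static RSA key exchange
    "ECDHE-RSA-AES128-GCM-SHA256",  # forward secret, but AES-128
    "TLS_AES_128_GCM_SHA256",       # TLS 1.3, AES-128
]

if __name__ == "__main__":
    for name, problems in violations(SAMPLE).items():
        print(f"{name}: {', '.join(problems)}")
    # Live check of a constructed cipher string against the local library.
    for name, problems in violations(expand("DHE+AES256")).items():
        print(f"[local OpenSSL] {name}: {', '.join(problems)}")
```

The live check may also report TLS 1.3 suites, because `set_ciphers` does not control them.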
