Bcrypt, Ccrypt and GPG

Amdx2_x64 · 08-09-2008, 12:45 AM

Out of Bcrypt, Ccrypt and GPG,

Which one is the best (secure) for encryption?

grepmasterd · 08-09-2008, 06:28 AM

bcrypt uses blowfish
ccrypt uses AES
gpg uses any of ElGamal, DSA, RSA, AES, 3DES, Blowfish, Twofish, CAST5, MD5, SHA-1, RIPE-MD-160 and TIGER

there are plenty of academic discussions about the best encryption algorithms - both blowfish and AES are excellent hash algs and I have no opinion on which is better. gpg is very flexible. also, gpg has been around for a number of years, has been widely used and well vetted. Many people consider a robust history to be an important security consideration. It also supports PKI (much better than simple password encryption).

personally I use gpg, but I use it largely to encrypt single files and email.

chort · 08-09-2008, 02:12 PM

Blowfish and AES are both encryption algorithms, not hashing algorithms. Blowfish has been adapted to a password hashing algorithm, but that's not what it was original designed for. You cannot use MD5 or SHA1 to encrypt data, since they are strictly hashing algorithms. The terms are not interchangeable.

grepmasterd · 08-09-2008, 02:17 PM

wups, consider it a typo. I meant to refer to them as encryption algorithms...

Amdx2_x64 · 08-09-2008, 03:28 PM

Thanks. The more I learn about security related issues, the more fascinating I am with it. There is so much more the just a simple firewall and some virus/rootkit/port/etc scanners. I find myself getting side tracked from some other stuff I was going to do and reading up on this even more.

Honestly, if I never used Linux I doubt I would have ever became interested in it. I would have been to busy keeping my MS system running smoothly, lol.