I hope this is the right place to post this question.
I read in the enigmail wiki (http://enigmail.wiki/Signature_and_Encryption) this:
OpenPGP uses hybrid encryption: First it generates a random session key, and encrypts the message with the session key using a symmetric algorithm; then, for each intended recipient, it encrypts the session key with the recipient's public key and adds each encrypted session key to the encrypted message
I want to know which symmetric algorithm is used for the encryption of the message. While generating a key manually Enigmail only asks which kind of asymmetric encryption I prefer and lets the user choose only between two asymmetric encryption solutions. But what symmetric algorithm is used to generate my encrypted message from the key? Can I choose there between different algorithms too or is this always the same one?
To find it out myself I looked up the OpenPGP Standard that is described in RFC4880. In Section 9.2 I found a list of used symmetric algorithms, but I want to know explicitly which one enigmail uses.
It would be great if someone could tell me where in Enigmail I can find which algorithm is used or add a reliable source where the used algorithm is called. I really didn't find it in the enigmail manual, maybe I overlooked it.
Last edit: efunc 2015-07-10
Symmetric selection is done by GnuPG, not Enigmail, and follows a really convoluted list of rules. Roughly speaking, here goes:

1. Is --cipher-algo set? If so, use that: end.
2. Start with this set of ciphers: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256.
3. For each recipient, check their key preferences to see which ciphers they support. From the set in #2, strike anything that's not supported by a recipient. By the end of this process you'll have a set of the ciphers supported by all recipients. This list will always have 3DES in it, since all clients must support 3DES.
4. Read --personal-cipher-preferences. (Even if you don't have this explicitly set, it has a default value. Further, this list will always have 3DES in it, since all clients must support 3DES.)
5. For each cipher listed in #4, check to see if it's in the set of acceptable algorithms generated in #2-3. Once an acceptable algorithm is found, end.

... This is all according to the last time I looked at the source, which was some years ago. There may have been some tweaks to the algorithm selection code since then. However, I'm confident this is still substantially correct.

Note that although you can short-cut the entire process by using --cipher-algo, pretty much everyone in the GnuPG community -- including Werner Koch himself -- advises against this. It's too easy to accidentally break the system when using it. The --cipher-algo option exists to help debug GnuPG, not for end-users to use.
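The selection rules in the answer above, as an added simulation that is not part of the thread or of GnuPG's own code; the recipient preference lists and the personal preference list it uses are constructed sample data, not values read from any keyring, and the real default --personal-cipher-preferences differs between GnuPG versions.

```python
# Simulation of the cipher-selection rules described in the post (added example).
# Recipient and personal preference lists below are constructed samples.

# Step 2: the full candidate set GnuPG starts from (as listed in the post).
ALL_CIPHERS = ["IDEA", "3DES", "CAST5", "BLOWFISH", "AES", "AES192", "AES256",
               "TWOFISH", "CAMELLIA128", "CAMELLIA192", "CAMELLIA256"]

# Step 4: a stand-in for --personal-cipher-preferences. Constructed sample;
# the real default depends on the GnuPG version and your gpg.conf.
DEFAULT_PERSONAL_PREFS = ["AES256", "AES192", "AES", "CAST5"]

# RFC 4880 requires every implementation to support 3DES, so it is always
# treated as present in both the recipient set and the personal list.
MUST_IMPLEMENT = "3DES"


def supported_by_all(recipient_prefs):
    """Steps 2-3: strike every cipher that any recipient does not list.

    recipient_prefs is a list of per-recipient cipher preference lists.
    Returns the set of ciphers acceptable to all recipients (always has 3DES).
    """
    acceptable = set(ALL_CIPHERS)
    for prefs in recipient_prefs:
        acceptable &= set(prefs) | {MUST_IMPLEMENT}
    return acceptable


def select_cipher(recipient_prefs, personal_prefs=None, cipher_algo=None):
    """Return the symmetric cipher picked under the rules in the post."""
    if cipher_algo:                          # Step 1: --cipher-algo wins outright
        return cipher_algo
    acceptable = supported_by_all(recipient_prefs)
    prefs = list(personal_prefs or DEFAULT_PERSONAL_PREFS)
    if MUST_IMPLEMENT not in prefs:          # Step 4: 3DES is implicitly on the list
        prefs.append(MUST_IMPLEMENT)
    for cipher in prefs:                     # Step 5: first personal pref everyone accepts
        if cipher in acceptable:
            return cipher
    return MUST_IMPLEMENT                    # not reachable: 3DES is always acceptable


if __name__ == "__main__":
    alice = ["AES256", "AES", "CAST5"]       # constructed recipient preferences
    bob = ["AES", "TWOFISH", "CAST5"]
    print(select_cipher([alice, bob]))       # AES: first personal pref both list
    print(select_cipher([["CAMELLIA256"]]))  # 3DES: no overlap with personal prefs
```

Because the personal list is walked in order, sender preferences (not recipient order) decide the result, which is why two recipients who both list CAST5 first still get AES above.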
The symmetric encryption algorithm which is used with the OpenPGP standard depends on the key(s) of the recipients. Every key has an algorithm priority list, which will be resolved automatically by GnuPG during the encryption process. The standard which is best suited will be selected. If there is absolutely no congruence, then the 3DES algorithm is selected; this is the only one which must be supported by all OpenPGP compatible clients.
This is why Enigmail cannot provide a setting for the algorithm selection. If you want, you can change the priority list on your key. This can only be done using GnuPG on the command line. Be careful: It's easy to shoot yourself in the foot.
Great answer, Rob. I've put it in the wiki.