-----BEGIN PGP SIGNED MESSAGE----- PGP version 2.6.3ia-multi05 1. Supports CAST5, IDEA, Blowfish, Twofish, AES, 3DES ciphers for encryption. 2. Supports MD5, SHA1, RIPEMD160 and SHA2 message digest algorithms. 3. Supports RSA keys up to 8196 bit. 4. Does not choke DSS/DH signatures and keys found in key files. 5. Supports key expiration time. 6. Allows to change "Version: " line. 7. Allows to calculate file hash. 8. Allows to hide recipients KeyID and display 64 bit KeyID. 9. Can be used everywhere in the world and outside. === 1. PGP 2.6.3ia-multi05 is based on 2.6.3(i)a and can use IDEA, CAST5, Blowfish, Twofish, AES128/192/256(Rijndael) and 3DES ciphers for encryption. It is compatible with PGP 2.6 (when using IDEA), PGP 5.x, 6.x (when using IDEA, CAST5 or 3DES), PGP 6.5.8.ckt06 (when using IDEA, CAST5, Blowfish, Twofish, AES or 3DES), PGP 7.x (when using IDEA, CAST5, Twofish AES or 3DES), GnuPG 1.06 and later (when using CAST5, Blowfish, Twofish, AES or 3DES), GnuPG 1.06 and later (when using IDEA and GnuPG have IDEA module loaded). More about compatibility read in file compat.htm To make PGP version that is completely free of patented algorithms (IDEA) define DISABLE_IDEA Disabling IDEA cipher will make it incompatible with other PGP 2.6 versions. To change default cipher add one of following lines in file config.txt: cipher_algo = idea cipher_algo = cast5 cipher_algo = 3des cipher_algo = blowfish cipher_algo = twofish cipher_algo = aes128 cipher_algo = aes192 cipher_algo = aes256 There is also command line options for selecting cipher: -ji for IDEA -jc for CAST5 -jd for 3DES -jb for Blowfish -jt for Twofish -ja for AES128(RIJNDAEL) -je for AES192(RIJNDAEL) -jr for AES256(RIJNDAEL) Command line option will override cipher defined in config.txt. Cipher only needs to be selected when encrypting. When decrypting PGP will automatically find what cipher is used. === 2. PGP 2.6.3ia-multi05 can use MD5, SHA1, RIPEMD160 and SHA2 (SHA256/384/512) message digest algorithms for signing. For conventional encryption and key protection MD5 is still used. SHA2 can be only used for file (message) signing, for key signing MD5 is still used. It is compatible with PGP 2.6 (when using MD5), PGP 5.x, 6.x, 7.x, GnuPG (when using MD5, SHA1 or RIPEMD160). More about compatibility read in file compat.htm To change default message digest algorithm add one of following lines in file config.txt: hash_algo = md5 hash_algo = sha1 hash_algo = ripemd160 hash_algo = sha256 hash_algo = sha384 hash_algo = sha512 There is also command line options for selecting message digest algorithm: -jm for MD5 -js for SHA1 -jp for RIPEMD160 -ju for SHA256 -jv for SHA384 -jw for SHA512 Command line option will override cipher defined in config.txt. Message digest algorithm only needs to be selected when signing. When verifying signature PGP will automatically find what message digest algorithm is used. === 3. This PGP version also supports RSA keys up to 8196 bit. 16 bit DOS versions built with MSVC15 and BC3.1 supports RSA keys only up to 4096 bits. === 4. Unlike other PGP 2.6.x version this version will not import v4 signatures made by newer PGP versions into it's keyring. This means that RSA keys signed by DSS/DH keys can be imported and used. DSS/DH keys, DSS v3 signatures and RSA v4 keys also will not be imported. === 5. This version supports key expiration time. It allows to set key expiration time (whe generating keys) and shows key expiration time. It also shows signature timetamps. === 6. Allows to change "Version: " line. If you don't like that it displays version "PGP 2.6.3ia-multi05" you can put this line in the config.txt file: version = "PGP 9.8-super" Change it to read whatever version string you wish the program to display. === 7. Allows to calculate file hash. Now there are -g option that allows to calculate file hash: pgp -g filename === 8. Allows to hide recipients KeyID and display 64 bit KeyID. With "+throw_keyid" option PGP does not put KeyID into encrypted packets. This option hides the receiver of the message and makes traffic analysis harder. to encrypt and hide KeyID: pgp +throw_keyid -e file recipient There is also "+random_keyid" option. It works just like "+throw_keyid" but the KeyID is replaced with random value instead of all zeros. to encrypt to fake random KeyID: pgp +random_keyid -e file recipient to decrypt such message: pgp +random_keyid file or pgp +fake_keyid=1 file There is also "+fake_keyid" option. It works just like "+throw_keyid" but the KeyID is replaced with user selected KeyID instead of all zeros. to encrypt to fake user selected KeyID: pgp +fake_keyid=1234567890abcdef -e file recipient "1234567890abcdef" is 64 bit KeyID, it should be exacly 16 hex chars long, without "0x" prefix to encrypt to multiple recipients: pgp +fake_keyid=1234567890abcdef9876543210defabc -e file recipient1 recipient2 KeyID of first recipient will be replaced with "1234567890abcdef", keyid of second recipient will be replaced with "9876543210defabc". there should not be any separator between KeyIDs. to decrypt such message: pgp +fake_keyid=1 file "1" can be any string to decrypt such message with gpg: gpg --try-all-secrets file There is also I added "+long_keyid" option. When it is used pgp displays 64 bit keyids. These options can also be used in config.txt file (without leading "+"). === 9. This version can be used everywhere in the world (well.. maybe except some really bad countries) and outside it (orbital stations, Mars bases...) When compiling do not define USA, even if you are in USA. RSA patent is expired, so there is no need to use RSAREF. -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia-multi05 Charset: noconv iQEUAwUBO6CSL3gh9RDtl78/AQFeHgf2McHvEeI/SyjtxwcKQuNvS86nNpdTM9DP DpyQ0ZPfGIt537AjGP/so+sc2keoDIXiloC8O9/22u1hAwquGmbsnSt0rviwL/nV CgNro1TuG86Xx/ziCCyy4hUSzzN/6Rspa2d2bg4/E4dxxbv3+CRxfOy+TiUkSEwm EN+ijE1qxu4UbgafoGYIOPYotNzGrd/owzE4xy+Kab5Y+BcYjuDsNr67y+Hw3csO ylpDX9Yk6PYdKeHBRXhB7dqO4ndR5WY/Kbq2KnFohxYnblKdPgnqKz4UvpiBqbab aSmIn4fEqCJrFTULUQgKPCeBRujs4TnWEggDe5q5T9Jg26bNTGWT =bozY -----END PGP SIGNATURE-----