Image 01


Bernhard Walle

Security by bwalle 4 comments

It uses the OpenSSL library. Which algorithm it uses depends on the OpenSSL library installed on your system (not all algorithms are available everywhere) and the user's choice.

The default is Blowfish, if it's available. If not, AES. If not available CAST5. IDEA (patended but secure) and 3DES are available, too.

Why Blowfish first and not AES? Simply because Blowfish is available in more OpenSSL installations, but this may change in future. (The algorithm is stored in the XML file, so QPaMaT can still read the files even if the default algorithm changes.)

For the key length, I think (more than one year since I've wrote the stuff) the default OpenSSL settings are used. - Mar 12 2005