GnuPG. File size limit?
Solution 1
Do I run into problems if I do that or is it perfectly safe to encrypt such large files?
The file size limit is Operating System dependent.
--max-output n
This option sets a limit on the number of bytes that will be
generated when processing a file. Since OpenPGP supports
various levels of compression, it is possible that the plain-
text of a given message may be significantly larger than the
original OpenPGP message. While GnuPG works properly with
such messages, there is often a desire to set a maximum file
size that will be generated before processing is forced to
stop by the OS limits. Defaults to 0, which means "no
limit".
Source gpg
Solution 2
There's no limit, only a possible security issue.
The OpenPGP format according to RFC 4880 has no limits on file size (although a single packet is limited to ~4 GiB, the file will simply be stored as a series of partial packets).
-
Some 32-bit versions of various OpenPGP software might have a limit of 2 or 4 GiB per file. So if you encrypt a file, it's not guaranteed that old computers will be able to decrypt it.
Software compiled for 64-bit should have no problems. (I haven't tested 32-bit GnuPG, but I think it should be fine.)
-
Make sure to avoid old ciphers using 64-bit block sizes (such as IDEA or Blowfish) due to possible security problems similar to the Sweet32 attack.
Ciphers with larger block sizes, such as AES, have no practical limits, but they didn't become the default in GnuPG until very recently (I think 2.1.x) – and even then, if you're encrypting to someone else, their's old pubkey, it might have "preferences" stored that tell the software to use a specific old cipher.
Related videos on Youtube
Admin
Updated on September 18, 2022Comments
-
Admin over 1 year
Is there a file size limit for encrypting a single file with GnuPG(1.0.xx,2.0.xx,2.1.xx)?
The file size ranges from about 2GiB to 100GiB. I'm not worried about the 2Gib but I'm not really sure if it's a good idea to encrypt a single 100GiB file. Do I run into problems if I do that or is it perfectly safe to encrypt such large files?
I checked the FAQ on https://gnupg.org/ and only found an article dealing with file size limits of the different ciphers but not if there is a limitation of the program itself. Here is the link to the specific part: https://gnupg.org/faq/gnupg-faq.html#recommended_ciphersKind regards
-
Attie over 5 yearsAs
gpg
can encrypt in pipeline there is no "file size" in such a situation, but rather length of stream. Are you saying that encrypting large byte-streams / files could produce weaker security due to repetitions (or something)? For example, a 1.4 TiB disk image I have could suffer from weakened security, simply due to it's size.