> Anyone can correct me if I'm wrong, but I believe that private
> keys get encrypted using DES with the key being the MD5 hash of
> the personal keyphrase. We've proved that DES is somewhat weak
> to this kind of attack (remind me to change my passphrase next
> week).
PGP uses IDEA for its conventional encryption, with a 128 bit key.
Mark