This article is from the Where to get the latest PGP FAQ, by Michael Paul Johnson firstname.lastname@example.org with numerous contributions by others.
PGP 5.0 introduces some new algorithms for both public key and
conventional encryption. These changes are good from both technical
(security & efficiency) and political (patent) standpoints. With the
death of the Diffie-Hellman key exchange patent, the freeware PGP new
algorithms are 100% free of patent problems, and free of legalese such
as come with the RSAREF toolkit. The Diffie-Hellman key exchange key
size limit is also larger than the old RSA limit, so PGP encryption is
actually more secure, now.
The new SHA1 hash function is better than MD5, so signatures are more
secure, now, too. The conventional encryption used is all sound, and
definitely not the weak link in the chain. This much is good news.
The bad news, of course, is that there will be some interoperability
problems, since no earlier versions of PGP can handle these algorithm,
and some PGP freeware issued before the RSA algorithm math patent
expired doesn't support RSA signatures and encryption.
Gnu Privacy Guard was written from the ground up to be free software
under the Gnu Public License. That means that it cannot use the IDEA
symmetric key algorithm, and also that some versions were issued before
the RSA patent expired in the USA, and therefore some older versions of
GPG didn't support RSA signatures or encryption.
For more information on PGP and GPG compatibility, please see