how slow are 4Kbit RSA keys? [was: Re: multiple keys vs multiple identities]

Jean-David Beyer jeandavid8 at
Mon Sep 27 16:46:15 CEST 2010

Hash: SHA1

David Smith wrote:
> Daniel Kahn Gillmor wrote:
>> On 09/24/2010 09:54 AM, David Shaw wrote:
>>> It won't work with the current generation of OpenPGP smartcards.
>>> It also will be dreadfully slow if you (or someone you are
>>> communicating with) ever uses the key on a small machine (think
>>> smart phone).  If you are usually on a "full power" computer,
>>> then they generally have the CPU to spare for this sort of thing,
>>> and you'll rarely if ever notice a difference.
>> i'm curious to see some quantitative data about what "dreadfully
>> slow" means.
> Not truly "quantitative, but I notice a significant difference
> between encrypting emails to people with 1024-bit keys vs people with
> 4096-bit keys.  I'd say that the difference is in the order 3-6
> seconds.
> I'm running GnuPG 1.4.x on a Sun Ultra10 with a 500 MHz CPU and 1 GB 
> RAM.  Yes, I know it's old.  :-)
> We're forced to use 4096-bit keys because some of our customers
> require it.
Am I missing something?

I thought the keys were used to encrypt the block containing the session
key (that is, IIRC, 512 bits). And it is the session key that is used to
encrypt and decrypt the actual message. Since the session key is small,
encrypting or decrypting it should not take a lot of time compared with
doing an entire message (depends on its length, of course).

So unless the time to encrypt or decrypt the session key is large
compared with the time to encrypt or decrypt the actual message, is this
discussion not about the wrong thing? What is the message size of the
messages being used to come up with the numbers on this thread? Are they
realistically large (whatever that might be)?

- --
  .~.  Jean-David Beyer          Registered Linux User 85642.
  /V\  PGP-Key: 9A2FC99A         Registered Machine   241939.
 /( )\ Shrewsbury, New Jersey
 ^^-^^ 10:35:01 up 6 days, 2:03, 3 users, load average: 4.96, 4.74, 4.57
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with CentOS -


More information about the Gnupg-users mailing list