Encrypted MLs (Was: api for gpg?)

Fred Lindberg lindberg at id.wustl.edu
Mon Apr 27 14:08:25 CEST 1998

On Mon, 27 Apr 1998 19:29:10 +0200, Werner Koch wrote:

> 1) a file with the keyids (or the complete email address) of all
>    subscribers is created and each id is prefixed with "-r " 
> 2) gpg is run with "--options file-with-keyids-from-step-1" and
>    creates a valid message to the n receivers. This file is 
>    stored on disk
> 3) a tool is used to cut off one receivers public-key encrypted
>    session-key and the encrypted messaage id from the file created
>    in step 2 and this is passed to sendmail.
> 4) continue with step 3 but use the next user-id.

>This is quite easy but we have to do a lot of calculations.

This seems to have a "relatively" small fixed cost ([decrypt-verify]
session key, encrypt) and a considerable cost per recipient (encrypt
session key with recipient's public key). With say > 100 recipients,
the first part should be minimal.

Is there an easy way using gpg to measure the time taken for the
per-recipient step?

Is key handling good enough to not make key retrieval a bottle neck
with say 10,000 recipients (a reasonably high maximum; a mailing list
can easily be split into sublists with no more than 1000 recipients in
each, and most totally encrypted lists would probably be < 100
recipients)? If not, keys could be stored in a hash or in a gbm or
equivalent table. Adding keys will be a relatively rare event.

-Sincerely, Fred

(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)

More information about the Gnupg-devel mailing list