Encrypted MLs (Was: api for gpg?)
lindberg at id.wustl.edu
Mon Apr 27 14:08:25 CEST 1998
On Mon, 27 Apr 1998 19:29:10 +0200, Werner Koch wrote:
> 1) a file with the keyids (or the complete email address) of all
> subscribers is created and each id is prefixed with "-r "
> 2) gpg is run with "--options file-with-keyids-from-step-1" and
> creates a valid message to the n receivers. This file is
> stored on disk
> 3) a tool is used to cut off one receivers public-key encrypted
> session-key and the encrypted messaage id from the file created
> in step 2 and this is passed to sendmail.
> 4) continue with step 3 but use the next user-id.
>This is quite easy but we have to do a lot of calculations.
This seems to have a "relatively" small fixed cost ([decrypt-verify]
session key, encrypt) and a considerable cost per recipient (encrypt
session key with recipient's public key). With say > 100 recipients,
the first part should be minimal.
Is there an easy way using gpg to measure the time taken for the
Is key handling good enough to not make key retrieval a bottle neck
with say 10,000 recipients (a reasonably high maximum; a mailing list
can easily be split into sublists with no more than 1000 recipients in
each, and most totally encrypted lists would probably be < 100
recipients)? If not, keys could be stored in a hash or in a gbm or
equivalent table. Adding keys will be a relatively rare event.
(Frederik Lindberg, Infectious Diseases, WashU, St. Louis, MO, USA)
More information about the Gnupg-devel