slow signature verification with certain keys

Werner Koch wk at gnupg.org
Fri Aug 31 10:29:01 CEST 2001


On Thu, 30 Aug 2001 16:24:47 -0500, Steven Barker said:

> I have noticed that verifying the signatures made by certain keys take much
> longer than average (45sec to a minute on my P3 550).  One example is the key
> used to sign the attached message.  I've examined the author's key as best I

You mean grisu at db.debian.org?

The slow verification should only happen the first ti e you do this.
He has a lot of signature on his key and the Web of Trust has to be
done (yes, I know that it is far too slow and I have plans to rewrite
that whole thing).  This takes a lot of time.

Since 1.0.5 key signature are checked everytime the key is used; this
makes it really slow.  Try that hint from the NEWS file:

    * The verification status of self-signatures are now cached. To
      increase the speed of key list operations for existing keys you
      can do the following in your GnuPG homedir (~/.gnupg):
         $ cp pubring.gpg pubring.gpg.save && $ gpg --export-all >x && \
          rm pubring.gpg && gpg --import x
      Only v4 keys (i.e not the old RSA keys) benefit from this caching.

> Is there a ligitimate reason it should take much longer to verify his
> signatures, or is it a bug?

Another reason might be that there is one key signature done with an
ElGamal signing key - that is much slower than DSA or RSA.

  Werner

-- 
Werner Koch        Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH      et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions                                        -- Augustinus





More information about the Gnupg-devel mailing list