Long Key Performance

Werner Koch wk at gnupg.org
Sat Apr 20 12:51:01 CEST 2002

On Fri, 19 Apr 2002 11:08 -0700, Anonymous  said:

> Shouldn't decrypting time be driven by your own key size, not your
> correspondents?  Isn't that how public key works?  I have this feeling

Sure.  I usually reply and that this is a matter.

> I've used gpg on pre-Pentium hardware with 4096 bit keys.  It was
> slow, but usable.  I'm sorry that I don't have specific timing values
> available.

For me the crypto operations are too slow.

> You seem to be arguing that because you personally don't want to buy
> faster hardware, everybody else on the planet should not be permitted
> to use key lengths of their choosing.

No. It is free software. 

> Note that the attack you are positing doesn't have the same properties
> as a factoring attack.

There is no known way of factoring even a 1024 key.  And emails are
usally not a target to mount factoring attack on a personal key - if
you are capabale of doing so, you would start with widley used CA keys
or keys on backing cards.

> You seem to be claiming you know exactly how hard it is to factor.
> The fact is, however, that you don't.  Given that this is a judgment

But I know that there are hundreds of far easier ways to achieve a
goal.  Why breaking the front door when you can easily walk in through
the unlocked back door.


More information about the Gnupg-devel mailing list