RSA signature verification in gpg-agent?
Werner Koch
wk at gnupg.org
Sat Sep 26 00:00:48 CEST 2015
On Fri, 25 Sep 2015 05:41, dkg at fifthhorseman.net said:
> This seems sensible to me. Given the performance characteristics of RSA
> and of hardware smartcards, i can't imagine that this imposes much of a
> performance cost either.
Definitely not a problem.
Algorithm generate 100*priv 100*public
------------------------------------------------
RSA 1024 bit 30ms 70ms 0ms
RSA 2048 bit 80ms 390ms 10ms
RSA 3072 bit 3490ms 1050ms 20ms
RSA 4096 bit 3590ms 2220ms 20ms
Thus for a 2k key the public key operation (verify) takes only 2% of the
secret key operation (signing). Thus it is barely noticeable even if you
consider that the signing requires some random bytes. For the way
slower smartcard signing the extra verify on the host does not have any
measurable effect.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-devel
mailing list