--weak-digest SHA1 causes significant slowdown in --check-trustdb (2.1.10)
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Jan 5 17:42:13 CET 2016
On Tue 2016-01-05 05:59:04 -0500, Werner Koch wrote:
> On Tue, 5 Jan 2016 05:20, dkg at fifthhorseman.net said:
>
>> With a hot filesystem cache, "gpg2 --check-trustdb" on its own takes
>> about 17 seconds to run.
>
> Can you please also try
>
> gpg2 --no-sig-cache --check-trustdb
>
> I assume this will get you the same timing as with --weak-digest SHA1.
> At least for my tests.
Hm, the sig-cache definitely speeds things up, but it seems orthogonal
to the --weak-digest SHA1 situation:
$ time gpg2 --check-trustdb
real 0m5.855s
user 0m4.652s
sys 0m1.200s
$ time gpg2 --weak-digest SHA1 --check-trustdb
real 0m51.010s
user 0m12.988s
sys 0m38.028s
$ time gpg2 --no-sig-cache --check-trustdb
real 0m30.979s
user 0m29.740s
sys 0m1.244s
$ time gpg2 --no-sig-cache --weak-digest SHA1 --check-trustdb
real 57m26.022s
user 26m57.472s
sys 30m28.892s
$
yikes!
I observe that the kernel/userspace split doesn't seem to be affected at
all by --no-sig-cache, either.
Regards,
--dkg
More information about the Gnupg-devel
mailing list