RSA 4096 ridiculous?

Werner Koch wk at gnupg.org
Fri Jun 22 13:07:36 CEST 2007


On Fri, 22 Jun 2007 12:42, hhhobbit at securemecca.net said:

> PLEASE DEFINE NOTICEABLE!  If it is still only 0.xx ... 2 seconds for
> your stated conditions which is multiple users with the sender using

A second is definitely noticable and even half a second is often
annoying.  I regular take part in discussions with a dozen or so people
and some of them have the habit of using --throw-keyid. Browsing
througbn these message takes quite a while mainly due to the decryption
time.  With larger keys it would get more annoying.

> time for me to type them.  In other words, it may take me far longer
> to type the pass-phrase than it does to decrypt or decrypt + verify

Not to me as I cache my passphrase for an hour or so.

> I am going to create is to sign just a few files only a few times
> per week or month anyway.

It's up to you.  I still believe that there are hidden bugs in gpg which
are easier to exploit than to break such a larger key.


Shalom-Salam,

   Werner




More information about the Gnupg-users mailing list