how slow are 4Kbit RSA keys? [was: Re: multiple keys vs multiple identities]
Vjaceslavs Klimovs
vklimovs at gmail.com
Mon Sep 27 15:56:52 CEST 2010
On 27/09/10 11:12, David Smith wrote:
> Daniel Kahn Gillmor wrote:
>> On 09/24/2010 09:54 AM, David Shaw wrote:
>>> It won't work with the current generation of OpenPGP smartcards. It also
>>> will be dreadfully slow if you (or someone you are communicating with) ever
>>> uses the key on a small machine (think smart phone). If you are usually on
>>> a "full power" computer, then they generally have the CPU to spare for this
>>> sort of thing, and you'll rarely if ever notice a difference.
>>
>> i'm curious to see some quantitative data about what "dreadfully slow"
>> means.
>
> Not truly "quantitative, but I notice a significant difference between
> encrypting emails to people with 1024-bit keys vs people with 4096-bit
> keys. I'd say that the difference is in the order 3-6 seconds.
>
> I'm running GnuPG 1.4.x on a Sun Ultra10 with a 500 MHz CPU and 1 GB
> RAM. Yes, I know it's old. :-)
>
> We're forced to use 4096-bit keys because some of our customers require it.
>
I did some quick tests on Nokia N900 (600 MHz ARM CPU), with gnupg
1.4.6, here is what I got:
Encrypting and signing, 2048 bit RSA keys:
real 0m 2.50s
user 0m 0.50s
sys 0m 0.02s
Decrypting and verifying, 2048 bit RSA keys:
real 0m 1.74s
user 0m 0.41s
sys 0m 0.04s
Encrypting and signing, 4096 bit RSA keys:
real 0m 3.58s
user 0m 1.92s
sys 0m 0.06s
Decrypting and veryfying, 4096 bit RSA keys:
real 0m 3.80s
user 0m 1.89s
sys 0m 0.03s
Is one second considered a rule of thumb limit? That would mean that
4096 keys are not suitable for widespread use yet.
More information about the Gnupg-users
mailing list