Benchmarking OpenPGP operations with GnuPG [was: Re: how slow are 4Kbit RSA keys?]

Daniel Kahn Gillmor dkg at
Wed Sep 29 06:02:03 CEST 2010

On 09/24/2010 05:23 PM, Grant Olson wrote:
> I can test on a Motorola i1 (Boost' droid) with APG, but I'll only be
> able to do a stopwatch test.  As far as I'm concerned, under one sec is
> good.

i'd be interested in seeing the results, even if the mechanism is clunky
(btw, you could also use a webcam or other digital video and count
frames, if you want sub 1Hz resolution) -- it's still wall-clock
measurements, and not CPU usage measurements, but it's a reasonable data

> I believe you've got a 4096 bit key that uses a serious hash.  Would you
> mind posting a test clearsigned message so that we're all using the same
> document to test against?


I just wrote a test script that generates a bunch of tabular data,
comparing the four different operations (encrypt, decrypt, sign, verify)
against different algorithms and keylengths.

It's a bash script that you can fetch here:

My OpenPGP signature is available for the script here:

If you'd rather just check the checksum of the file, itshould have the
sha1sum of 5ae139246aee983a3d9b7e7ba6975191d09ba0ae.

you'll need to make it executable before running it, of course.  And it
shouldn't require any special system privileges, nor should it tamper
with any files outside of the log it creates and a working directory
that it also creates.

If you run it, it will generate a plaintext report.  if you mail me back
the report (off-list), i'll use your data in a summary of results that
i'll post to the list.

If you do this, please let me know what kind of machine you were running
it on (e.g. "this is my smartphone", "this is a server", "this is my
little embedded router").  I'm particularly interested in the marginal
cases -- systems that are significantly low-powered.

Be aware that on low-powered machines, the full set of benchmarks may
take quite a long time, and hammer your CPU.  If battery life is a
concern for your computer, please only run this when the computer is
plugged in.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20100929/61c53c0f/attachment.pgp>

More information about the Gnupg-users mailing list