GPG with GPUs

Robert J. Hansen rjh at
Mon Jun 18 05:31:40 CEST 2012

On 06/17/2012 01:26 PM, Hauke Laging wrote:
> start cmd:> time gpg --encrypt --sign 200k-file 

Unless you're testing with 50 certificates, this isn't exactly a fair
comparison.  Here's what I came up with:

System: Intel i7-2600K @ 3.4GHz, 32Gb RAM

	* A 256k random file was created [1]
	* This file was encrypted with 50 certificates [2]
	* The time was reported (see below)
	* The file was checked [3] to ensure all 50 certs were

Results: 0.31 seconds to encrypt a 256k file containing random binary
	data to 51 certificates (my own + 50 others)

Conclusions: there's something amiss here that neither a new GPU nor an
RNG will fix.

I'm including the Python script (works with 2.7 and 3.2) I used for
testing, so that other people who are interested in recreating my
results can check for themselves.  Warning: if you ever write Python
code like this in the real world your programming team will beat you to

[1] dd if=/dev/urandom of=rand.bin bs=262144 count=1
[2] The script to run GnuPG with the huge recipient list is:

from __future__ import print_function
from re import compile as compile_re
from subprocess import check_output as run_cmd

rx = compile_re("^pub:[f-]:.*:([0-9A-F]{16}):")

            "/usr/bin/time /usr/bin/gpg2 " +
            "--trust-model always --armor --recipient " +
            "--recipient ".join(
            [ + " " for Y in
           for X in run_cmd(
            if Y != None][:50]
            ) + "--encrypt rand.bin"
[3] /usr/bin/gpg2 --list-packets rand.bin.asc|grep keyid|wc -l

More information about the Gnupg-users mailing list