2048 or 4096 for new keys? aka defaults vs. Debian

Werner Koch wk at gnupg.org
Sun Oct 27 20:41:19 CET 2013

On Sun, 27 Oct 2013 17:47, gnupg at oneiroi.net said:

> Numbers please? Or are you talking about personal/subjective impressions?

What about you running some benchmarks for us?  Let's say: a 4k RSA key
signed by 90 other 4k RSA keys, 8 2k RSA keys, and one 8k RSA key.  For
security reasons key signature caching has been disabled
(--no-sig-cache) because you obviously can't accept that in this high
security theater.  Run encryption+signature tests for 2 recipients out
of the set of these 100 keys.

Compare that to a set of 2k keys with only one 4k key.

Run these tests again on an average netbook.



Once I did tests with off-the-shelf smartcards.  Signing a mail with a 1k
RSA key using these smartcards took more than one second - it was barely
unusable for everyday mail processing.  Only when we moved to our own
smartcards (the old AVR based 1k RSA keys) using a smartcard was
actually usable (<100ms).  You don't want to wait 10 seconds to decrypt
a thread of 10 mails just to notice that it was only CCed office

Thoughts are free.  Exceptions are regulated by a federal law.
