2048 or 4096 for new keys? aka defaults vs. Debian
Filip M. Nowak
gnupg at oneiroi.net
Sun Oct 27 21:28:30 CET 2013
On 10/27/2013 08:41 PM, Werner Koch wrote:
> On Sun, 27 Oct 2013 17:47, gnupg at oneiroi.net said:
>> Numbers please? Or are you talking about personal/subjective impressions?
> What about you running some benchmarks for us? Let's say: a 4k RSA key
> signed by 90 other 4k RSA keys, 8 2k RSA keys, and one 8k RSA key. For
> security reasons key signature chaching has been disabled
> (--no-sig-cache) because you obviously can't accept that in this high
> security theater. Run encryption+signature tests for 2 recipienst out
> of the set of these 100 keys.
Constructive request; from OS perspective I would rather separate user
which is requesting signature verification from keyring owner so I don't
think that --no-sig-cache is only reasonable option in case of "high
security theater" (this makes setup or creation of a proper service more
cumbersome but still - it's possible). Actually it's hard to call setup
in which one user runs MUA or web browser and owns keyring a "high
> Compare that do a set of 2k keys with only one 4k key.
> Run these tests again on an average netbook.
> Once I did tests with off-the self smartcards. Signing a mail with 1k
> RSA key using these smartcards took more than one second - it was barely
> unusable for every days mail processing. Only when we moved to our own
> smartcards (the old AVR based 1k RSA keys) using a smartcards was
> actually usable (<100ms). You don't want to wait 10 seconds to decrypt
> a thread of 10 mails just to notice that it was only CCed office
I don't think 1 second threshold is real no-go here. I would say you
have quite high requirements. Also some MUAs can contribute to such
delays visibly - but I don't know to which part of this setup you
hooked-up to measure.
More information about the Gnupg-users