Recommended key size for life long key

Ole Tange tange at gnu.org
Sun Sep 8 10:29:18 CEST 2013


On Sun, Sep 8, 2013 at 12:06 AM, Ingo Klöcker <kloecker at kde.org> wrote:
> On Saturday 07 September 2013 23:35:08 Ole Tange wrote:
>> On Sat, Aug 31, 2013 at 11:46 AM, Ole Tange <tange at gnu.org> wrote:
:
>> http://oletange.blogspot.dk/2013/09/life-long-key-size.html
:
> but I'm pretty sure it's relevant for the
> battery life of your and your communication partners' smart phones. In
> particular, if you and your communication partners use equally large
> keys and encrypt each and every email, SMS, chat message, etc.

Assuming a new smartphone runs at 1 GHz with GnuPG 2.0 then
decryption+verify or sign+encryption will be in the order of 10
seconds if both sender and receiver use 10kbit keys. So we are talking
about 10 seconds per RSA encrypted message. Potentially lower if the
phone is multicore and GnuPG's RSA implementation supports
parallelized RSA operations.

If RSA is only used to negotiate the initial session key, then I would
reckon the 10 seconds is hardly noticeable from a battery perspective.
My old Nokia N900 with wifi on will let you sign+encryption 657
messages with 10kbit keys on a full battery using GnuPG 1.4.6. With
GnuPG 2.0 that would be in the order of 1000 messages per charge.

So where your concern really matters would be for high volume messages
 (100 per day or more) that are all RSA encrypted and are used on
battery operated slow devices. Apart from email, can you mention any
app that works like that today?

If I am to include the battery perspective and speculations on what
apps that _could_ be made, I should probably also include what would
happen if smartphones get a cryptochip included (which would bring RSA
operations into the millisecond range - thus rendering the battery
concern moot).


/Ole



More information about the Gnupg-users mailing list