Problems using 10kbit keys in GnuPG instead of 4kbit keys

Ole Tange tange at
Tue Sep 10 15:31:51 CEST 2013

On Tue, Sep 10, 2013 at 11:07 AM, Werner Koch <wk at> wrote:
> There are several problems with overlong encryption keys, to name just
> two:
>  - If you use an 8k encryption key you should also use an 8k primary
>    certification key because that is the key which is used to keep the
>    parts of an OpenPGP keyblob together.  Without that it is easy to
>    slip in another encryption key.

I have not heard of the primary certification key before. Is it the
'C' in 'usage: SCEA'?

Can that be changed without losing signatures on the public key? If
so, then the size of that can be increased slowly when needed.

My goal with the 10kbit key is not to have 10kbit security today, but
to be able to ramp up the effective key length without losing the
signatures on my public key.

>    Now, 8k RSA signatures are a pain in
>    the registers.  It takes too long to verify the hundreds of
>    signatures people have on their keyrings - even on fast machines.

I have now generated a test 10kbit key with 200 10kbit signatures.
Adding signature 200 is not measurably slower than adding the first
(in the order of 1.7 sec). I can verify a message signed with the key
with 200 sigs just as fast as a message signed with a key without the
signatures. If it is something else you mean, can you give an example
command line that shows the long time?

Is it something that can be done in parallel and/or be done in the
background and/or be cached?

Does it happen often? Does it happen to a lot of people?

>  - Some MUAs decrypt messages on the fly while you are browsing through
>    all the new mails - if that takes too long due to the many 8k keys,
>    it makes the MUA unusable.

In my test the decryption of a message encrypted and signed by a 10 kbit
key takes 1.7 seconds, and only on the 10 kbit key holder's machine.

Will you consider this unusable?

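Added illustration of why the two costs discussed in this thread differ so much (this is not code from the thread or from GnuPG): with the usual public exponent 65537, verifying a signature or encrypting costs only about 17 modular squarings whatever the key size, while signing or decrypting costs roughly as many squarings as the modulus has bits, each on larger operands. The moduli below are constructed products of random odd numbers used for timing only, since operand size rather than primality determines the cost.

```python
import random
import time

# Deterministic generator so the constructed (non-prime) moduli are reproducible.
_rng = random.Random(2013)


def fake_rsa_params(bits):
    """Return (n, e, d) with n of about `bits` bits.

    Constructed for timing only: p and q are random odd numbers, not primes,
    and d is an unrelated full-length exponent. Modular exponentiation cost
    depends on operand size, not on whether the numbers form a real key.
    """
    half = bits // 2
    p = _rng.getrandbits(half) | (1 << (half - 1)) | 1
    q = _rng.getrandbits(half) | (1 << (half - 1)) | 1
    n = p * q
    e = 65537                                      # usual small public exponent
    d = _rng.getrandbits(bits) | (1 << (bits - 1))  # full-length private exponent
    return n, e, d


def time_op(func, repeat=3):
    """Best-of-`repeat` wall-clock time of one call to func()."""
    best = float("inf")
    for _ in range(repeat):
        t0 = time.perf_counter()
        func()
        best = min(best, time.perf_counter() - t0)
    return best


def benchmark(sizes=(2048, 4096, 8192)):
    """Return {bits: (public_op_seconds, private_op_seconds)} per key size."""
    results = {}
    for bits in sizes:
        n, e, d = fake_rsa_params(bits)
        m = _rng.randrange(2, n)
        public = time_op(lambda: pow(m, e, n))    # verify/encrypt: ~17 squarings
        private = time_op(lambda: pow(m, d, n))   # sign/decrypt: ~bits squarings
        results[bits] = (public, private)
    return results


if __name__ == "__main__":
    for bits, (pub, priv) in benchmark().items():
        print(f"{bits:5d}-bit  verify/encrypt {pub * 1000:8.3f} ms"
              f"   sign/decrypt {priv * 1000:9.1f} ms")
```

Verifying a keyring full of signatures therefore stays cheap even at 8k or 10k bits; it is the private operation (decrypting each mail, or signing) whose cost climbs steeply with key size.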
