OpenPGP key statistics

Kristian Fiskerstrand kristian.fiskerstrand at sumptuouscapital.com
Wed Jan 29 18:38:54 CET 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

I got curious about the current distribution of keys available on the
keyservers and wrote up a quick tool to dump some of this
information[a] from SKS yesterday. Since this might be of interest for
others as well I'll include some of the findings here. The full post
with main results including some charts are posted in a blog entry on
[0]. I hope to get around to digging a bit deeper into more
information going forwards, in particular taking into consideration
subkeys and expiration/revocations (I just have to figure some good
metrics to look at for this), so please let me know if there are
specific things that might be interesting.

A snippet from the post:
The overall majority (94.74%) were Version 4 keys c.f. RFC4880 with V3
keys representing 4.73% and V2 keys representing 0.53%. DSA keys
represented 74.4%, while 25.6% were RSA keys and a minority ElGamal
(0.03%), Elliptic Curve keys (35 keys) and keys in the experimental
range (32 keys) .

The key lengths spans from 3 keys in the experimental range key with
algo id 103 of 224 bits to 32,768 bits (3 keys, two of which are RSA
and one DSA). Due to the low occurrence of ECC keys (that have an
expectation of lower key lenghts for similar expected security levels
- -  normally in the 256-521 bit range, although there is a strong
possibility that the aforementioned 224 bits keys should also fit in
this category) I have not done any adjustment for these. A full 77.4%
of the keys are included when looking at the aggregate figures up to
and including 1024 bits, roughly 2.7 million of the keys, and the
corresponding number when looking at a 2048 and 4096 bits respectively
are 95.3% and 99.95% of all keys included.

Endnotes:
[a] sksstats is available as a patch to the current SKS tip in my
mercurial queue at
https://bitbucket.org/kristianf/sks-keyserver-patches/src/tip/SKSStats?at=default

References:
[0] http://blog.sumptuouscapital.com/2014/01/openpgp-key-statistics/
- -- 
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Acta est fabula
So ends the story
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJS6TyqAAoJEPw7F94F4TagdpkQAKyDGb3ExP7pbeEt37ObrQl1
25IFJQaHFiGr2e2qoLel8d2YiW5/COyqZgYM0sE2llDvJsTVA/nr1Wm3tAX19nV2
MmOE/WzZDs9JNT5HuWCc7Twm4M6NcbxLTvvbUQ4xsV2dfRQPNDRfTBY3HZw3VPgb
P16uN6ryF6Xk5YubEkt3sm+5qFKw1AJmONmnDMSQjLqfKyKnTOLcXIVA3fFFJv0i
gHPlblKAI4DP00kHaF1tGQtOqBHj5LbHH7f2UHsfJwvz75T/VLg2mElqQN6LfIJh
TqZrilE2a9XNZEXaPvJlMKEseQJpaQsy7vlizPJxPrq9uPCK/svHLVH2u4PQsdGc
PdSl3/5cFxsnr9Z4fwV2OijuWOpTBFucNI7VqhEjt212P/bQEPbTpe5hbkKcyGFp
Q+cZvyjXH8YnQxigW8oQRZUS8in+BKcEW3/qkyo1S+ZOB54Ih6Qkcmx5f9WJZFP0
0Cy4JybQJhcAXPhCxkswQf2S0QCzHcg7q6jb16Tbze7NWAMsN++CrJgBo4osGa9Q
g95DKuUndIELJUjUtuaVko0VjvxZuXVrTTntWqhqw+Cie+H3o1uRvbtmDCaxk1vr
oc0FdFHOsNBIr+zBvkJ3GBS30jGYSw+e2aG/RSWENkSIQDIelFr8vVnVl1vU87uL
1zBFYvMyl1hKcCCtdZra
=XRAs
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list