High resource usage when verifying a signature

Johannes Zarl-Zierl johannes at zarl.at
Sat Jul 18 15:57:09 CEST 2015


I've noticed that sometimes gpg2 will take around 1-2 minutes on my desktop PC 
attempting to verify an email signature.

At first, I thought that maybe the increasing prevalence of really big keys 
would increase the computational complexity, or that the keyserver 
communication is taking so long, but this does not seem the case.
I'm pretty sure this happens on different kinds of keys, but today I noticed 
it on a 1024 bit DSA key. Looking into top revealed that my email program had 
spawned a gpg2 process that was using 100% of a single CPU core:

gpg2 --enable-special-filenames --batch --no-sk-comments --status-fd 22 --no-
tty --charset utf8 --enable-progress-filter --display :0 --verify -- -&23 -&25

Opening the same email a second time happens more or less instantaneously (as 
far as I know, kmail does not cache the verification).

Is this behaviour to be expected? Is this some computation that happens only 
the first time a new key is encountered?


More information about the Gnupg-users mailing list