Performance regression for gnupg v2 keys

Felix A. Kater fkater at posteo.net
Wed Sep 19 12:45:02 CEST 2018


Hi,

I have older keys and newer keys that behave quite different in the
decryption performance.

Old keys: Generated with gnupg-1.4.x, rsa2048, at 2017-01-10.
New keys: Generated with gnupg-2.2.8, rsa2048, some weeks ago.

I've always been using the defaults for generating the keys (no
--full-gen-key, no --expert).

Test case: Unfortunatelly a bit complicated. It is postgresql's
pg_pub_decrypt() that performs approx. 10x slower when the keys,
generated by gnupg and being passed to postgresql as a binary
string, are generated with gnupg-2.2.8. Postgresql is using gnupg
internally.

My questions here:

(1)
If the issue is caused by the keys: Do I have the chance to compare
old/new key internals?  I've diff'ed the output of gpg -ivv ... of
both keys and AFAIK only the default digest algo has changed from
SHA1 to SHA256. Not sure here though.

(2)
What would be a suitable test case with gpg only, without postgresql.

Thanks




More information about the Gnupg-users mailing list