Mailing List Archive: GnuPG: users

ElGamal: key length vs performance

Index | Next | Previous | View Threaded

feitao at msn

Apr 1, 2006, 11:12 AM

Post #1 of 7 (1223 views)
Permalink

ElGamal: key length vs performance

Hi,

As I understand, by default, GunPG uses ElGamal to encrypt/decrypt files,
and the recommended key length is 1024 bit. Is there any information on how
encryption/decryption time changes with the key length? Thanks a lot,

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

johnmoore3rd at joimail

Apr 1, 2006, 1:10 PM

Post #2 of 7 (1156 views)
Permalink

Re: ElGamal: key length vs performance [In reply to]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

feitao wrote:
> Hi,
>
> As I understand, by default, GunPG uses ElGamal to encrypt/decrypt files,
> and the recommended key length is 1024 bit. Is there any information on how
> encryption/decryption time changes with the key length? Thanks a lot,

FWIW, the larger the size of the Key being used the "longer" the time
required. However, unless you're using a Processor older than Pentium
III I doubt that it would be obvious to the User. Of course, the
difference between using a 1024 Key and an 8192 Key *would* be noticeable.

I am not quite certain where you understand ElGamal is the 'Default'
since it is possible to generate an RSA encryption Key and many folks do.

JOHN :-\
Timestamp: Saturday 01 Apr 2006, 16:09 --500 (Eastern Standard Time)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3-cvs4086: (MingW32)
Comment: Public Key at: http://tinyurl.com/8cpho
Comment: Gossamer Spider Web of Trust (US26): http://www.gswot.org
Comment: Homepage: http://tinyurl.com/9ubue
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBCAAGBQJELuwnAAoJEBCGy9eAtCsP0AwH/3V95ipjY/un7sDUT5tS4eoz
IeGWXwT3PMvh4/+h+Dhn9wK7LJPfh6+p+7Eg8K8tlSYQhhYcTi9ZPUgyLTfEKi6w
SqJj8P7Y5cuiReG15zXwanKHyWGsZrYty5LAkFC4DFrzvR4nfT3nAqrIK7CndzUV
YD7gbKki7REjoKykn23NlAb73nj3J/QiHob5fjgNWMmOBzkauCbhgW96sXqpZM3/
qriVOng6+NHYVa6+KymWVFMn2nphBIU5vp30KTvpwu14bgrLIZ8qv070lCHr7XLv
QjoTHdy0sox7K6FJOVFh0Wkmk40mp+o6cf2EYpouTgs+Vdk2PwAJ9xElvaQvf+c=
=VwD5
-----END PGP SIGNATURE-----

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

rjh at sixdemonbag

Apr 1, 2006, 2:08 PM

Post #3 of 7 (1152 views)
Permalink

Re: ElGamal: key length vs performance [In reply to]

feitao wrote:
> As I understand, by default, GunPG uses ElGamal to encrypt/decrypt files,
> and the recommended key length is 1024 bit. Is there any information on how
> encryption/decryption time changes with the key length? Thanks a lot,

This one can best be answered with a giant "it depends".

GnuPG is a hybrid cryptosystem. It uses both symmetric and asymmetric
cryptography to encrypt your file. The asymmetric component is going to
be dog slow, but the good news is that only a few bytes of data are
encrypted with it. The rest of your file is decrypted using symmetric
crypto, which is really quite fast.

For small files, the asymmetric component will take up most of the time
and it makes sense to ask how encryption/decryption times vary with key
lengths. For large files, the symmetric component will dominate, and it
won't make sense to ask how encryption/decryption times vary with key
lengths.

The best general advice I can give you is "this isn't something you need
to worry about". Even with a 4kbit key on an old Pentium-II, the
asymmetric operations are fairly brisk. It's quite usable.

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

dshaw at jabberwocky

Apr 1, 2006, 2:53 PM

Post #4 of 7 (1158 views)
Permalink

Re: ElGamal: key length vs performance [In reply to]

On Sat, Apr 01, 2006 at 02:12:42PM -0500, feitao wrote:
> Hi,
>
> As I understand, by default, GunPG uses ElGamal to encrypt/decrypt files,
> and the recommended key length is 1024 bit. Is there any information on how
> encryption/decryption time changes with the key length? Thanks a lot,

Not significantly. GnuPG uses Elgamal to encrypt a session key, which
is only around 16-32 bytes long. That's not going to change much
regardless of the key length. If you were encrypting many files over
and over again, perhaps, but most people never notice it in practice.

The performance between different ciphers (3DES, AES, CAST5, etc) is
where you might see something, and it will vary over different sized
files to encrypt.

David

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

arildbjork at yahoo

Apr 1, 2006, 10:21 PM

Post #5 of 7 (1147 views)
Permalink

Re: ElGamal: key length vs performance [In reply to]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

- --- David Shaw <dshaw [at] jabberwocky> wrote:

> The performance between different ciphers (3DES, AES, CAST5,
etc) is
> where you might see something, and it will vary over different
sized
> files to encrypt.

As an indication of the speed of the ciphers you should download
and install Truecrypt from www.truecrypt.org. Under the menu
Tools you'll find Benchmark which reports the speed for the
ciphers in ram. 3DES is the slowest. Blowfish seems to be the
fastest.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (MingW32) - GPGshell v3.51

iD8DBQFEL21ln1hjZcCMxG0RA5s+AJ9iWFtknJ7Ea6LGn585mWef3kTEPACfea/a
nG3Q9of43F8jn8w3TX3+GRQ=
=McPn
-----END PGP SIGNATURE-----

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

malayter at gmail

Apr 2, 2006, 7:37 AM

Post #6 of 7 (1154 views)
Permalink

Re: ElGamal: key length vs performance [In reply to]

On 4/2/06, Qed <qed [at] tiscali> wrote:
> Different implementations => different speeds.
> You cannot rely on a particular piece software to infer general
> performance figures for crypto algos.

This is very true. In my tests, for example, AES implementation in
GnuPG runs far slower than the implementation used in TrueCrypt, 7zip
or a number of other x86-specific programs.

I mentioned this speed difference to Werner a while back, and he
explained GnuPG has to work on many platforms, so using code optimized
for x86 - even if it is C-code optimized for x86 - isn't going to
happen. Which makes sense.

The easiest way to test is to simply encrypt the same file several
times using different --cipher-algo parameters on the command line. My
tests on Pentium 4s showed CAST5 to be the fastest algorithm in GnuPG
on that platform, but your own hardware is different, you should run
your own tests.
See this discussion at:
http://lists.gnupg.org/pipermail/gnupg-users/2005-August/026315.html

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

wk at gnupg

Apr 2, 2006, 11:50 PM

Post #7 of 7 (1152 views)
Permalink

Re: ElGamal: key length vs performance [In reply to]

On Sun, 02 Apr 2006 14:00:07 +0200, Qed said:

> Different implementations => different speeds.
> You cannot rely on a particular piece software to infer general
> performance figures for crypto algos.

Here are some figures from libgcrypt which uses the same
implementation as gnupg does. CFB mode is used by OpenPGP. The
numbers are for 10^6 bytes encryption/decryption including key setup
for each. CPU is a Pentium M at 1500MHz.

ECB CBC CFB
--------------- --------------- ---------------
3DES 120ms 120ms 130ms 130ms 130ms 120ms
CAST5 40ms 30ms 50ms 60ms 40ms 50ms
BLOWFISH 50ms 50ms 60ms 70ms 60ms 60ms
AES 30ms 30ms 40ms 40ms 30ms 40ms
AES192 30ms 30ms 40ms 50ms 40ms 40ms
AES256 30ms 40ms 50ms 40ms 50ms 40ms
TWOFISH 40ms 30ms 50ms 40ms 40ms 50ms
DES 50ms 60ms 70ms 70ms 60ms 70ms
TWOFISH128 40ms 30ms 50ms 40ms 40ms 40ms
SERPENT128 90ms 90ms 100ms 100ms 100ms 100ms
SERPENT192 90ms 90ms 100ms 100ms 100ms 90ms
SERPENT256 90ms 90ms 100ms 100ms 100ms 100ms
RFC2268_40 120ms 70ms 130ms 90ms 130ms 120ms

Shalom-Salam,

Werner

_______________________________________________
Gnupg-users mailing list
Gnupg-users [at] gnupg
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads