Performance Questions with PGP - PGP

This is a discussion on Performance Questions with PGP - PGP ; The application I am writing will require the use of PGP/GnuPG for high volume electronic document interchange. The specifications states that when the client sends a document to my server, I should decrypt it and let the client know if ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Performance Questions with PGP

  1. Performance Questions with PGP

    The application I am writing will require the use of PGP/GnuPG for
    high volume electronic document interchange.

    The specifications states that when the client sends a document to my
    server, I should decrypt it and let the client know if an error occurs
    durring this process

    My question are these:

    1. Can I simply verify the integrity of the PGP message without having
    to decrypt it first? My thought here is that if I could simply verify
    it, this would be less processor intensive than decrypting right away.

    2. With out getting too mathmatical (because I certainly am not), what
    is the speed ratio between encryption and decryption.

    thanks for all your help!
    BCOT!.

  2. Re: Performance Questions with PGP

    Johnny Cash writes:

    > 1. Can I simply verify the integrity of the PGP message without having
    > to decrypt it first? My thought here is that if I could simply verify
    > it, this would be less processor intensive than decrypting right away.


    If by verifying the integrity you mean checking the signature, the
    answer is no.

    > 2. With out getting too mathmatical (because I certainly am not), what
    > is the speed ratio between encryption and decryption.


    Public-key operations are always much faster than private-key
    operations, because PGP and many other PK cryptosystems choose optimal
    key parameters for the public keys, precisely because it makes the
    public operations faster. For the symmetric encryption and decryption
    of messages (often the bulk of processor time required if messages are
    of non-trivial size), the time required is the same in both directions.
    Some algorithms are faster than others: 3DES is quite slow in symmetric
    encryption, for example, and I think ElGamal is slower than RSA (?) for
    public-key encryption.

    --
    Transpose hotmail and mxsmanic in my e-mail address to reach me directly.

  3. Re: Performance Questions with PGP

    meaneyedcat@hotmail.com (Johnny Cash) wrote in
    news:e04c3215.0310072040.eb01658@posting.google.co m:

    > The application I am writing will require the use of PGP/GnuPG for
    > high volume electronic document interchange.
    >
    > The specifications states that when the client sends a document to my
    > server, I should decrypt it and let the client know if an error occurs
    > durring this process
    >
    > My question are these:
    >
    > 1. Can I simply verify the integrity of the PGP message without having
    > to decrypt it first? My thought here is that if I could simply verify
    > it, this would be less processor intensive than decrypting right away.
    >
    > 2. With out getting too mathmatical (because I certainly am not), what
    > is the speed ratio between encryption and decryption.
    >
    > thanks for all your help!
    > BCOT!.


    This may offer useful comparison: http://www.mccune.cc/PGPpage2.htm#Speed

    Unlike DH keys, RSA public keys are nearly instantaneous in use, but this
    is not true for RSA private keys. DH private keys are faster than the
    DH public key usage.

    --
    Tom McCune
    My PGP Page & FAQ: http://www.McCune.cc/PGP.htm

  4. Re: Performance Questions with PGP

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: RIPEMD160

    "Johnny Cash" wrote in message
    news:e04c3215.0310072040.eb01658@posting.google.co m...
    > The application I am writing will require the use of PGP/GnuPG for
    > high volume electronic document interchange.
    >
    > The specifications states that when the client sends a document to my
    > server, I should decrypt it and let the client know if an error occurs
    > durring this process
    >
    > My question are these:
    >
    > 1. Can I simply verify the integrity of the PGP message without having
    > to decrypt it first? My thought here is that if I could simply verify
    > it, this would be less processor intensive than decrypting right away.


    in gnupg,
    any 'tampering' will immediately be detected as a 'crc error', before
    decryption
    (and unless the option of 'ignore crc error' is selected, all further
    processes for decryption will stop)

    with 'straightforward' communication
    (no paranoid man-in the-middle attacks or cloak and dagger stuff, in your
    threat model),
    the message integrity is checked, the public key that it is encrypted to is
    found,
    and then the decryption process is initiated

    it should not be difficult to spot errors in the first two steps, without
    having to proceed to decrypt

    hth,

    vedaal


    -----BEGIN PGP SIGNATURE-----
    Version: 6.5.8ckt http://www.ipgpp.com/
    Comment: { Acts of Kindness better the World, and protect the Soul }
    Comment: KeyID: 0x6A05A0B785306D25
    Comment: Fingerprint: 96A6 5F71 1C43 8423 D9AE 02FD A711 97BA

    iQEVAwUBP4QDt2oFoLeFMG0lAQNKXAf9ECz+n8NKw7tKPo2f5c B8PFpZFIauF8Ad
    crSm9gNA0iD2YwJiNak/og8lZwmjWccpkBLmwlMTYpCibDcB0iWj5bb8iT8wvZgn
    3VdQTu2WspBGjDYpg7xMqY68myDYLgLT92o9OLD8wrMW5V+6k6 XtDkFtprffDjHu
    i9XP0RKZ5cmcfQqmzmvpslfn1ya+8/uTXbXXCv1e/1JWEjuLjOsnrGUCTCKi7hvB
    ixzi1AOicUbvpn0Q8llLJDVQCbpQM0TiQd26PUeuwQbqoyxHT+ fY1TJDUm+93lHX
    brqY7GN+U5kg32LwQod+Y44JS+Rj3M4edqZUi++hyM1Gnoq/WJqoZg==
    =5//q
    -----END PGP SIGNATURE-----



+ Reply to Thread