Hi Fabio, I'm currently working on an application that uses openpgp.js. I've done some research recently on times for generating keys. These are results from generating RSA keys in javascript using another implementation than openpgp.js and using a core2 duo CPU. Not exactly what you were hoping maybe, but it should give you an idea. I've recently modified the keygen for 'openpgp.js for gmail', allowing up to 16kbit keys to be generated. And results were very similar.
1024bit: 2s, valid until 2006 (not recommended) 2048bit ~10 s 3072bit ~1 min 4096bit ~2 min. 8192bit ~30 min. 16kbit: ~3 hours Results varied on different runs, sometimes taking double the time as the previous run. I think this is related to the random data being available as key generation slowed down after the first attempts. It's probably a good thing but apparently even modern browser have a shitty implementation of generating random data, as pointed out by the guys who created cryptocat: https://github.com/cryptocat/cryptocat/blob/23dc33fde028addbfa8b8a571a85e423903aad4b/src/core/js/etc/random.js So you may want to create your own random data, using for example the mouse and keystrokes, as true randomness is vital for the key strength. FYI (from Wikipedia): 1024-bit RSA keys are equivalent in strength to 80-bit symmetric keys and likely became crackable some time between 2006 and 2010, 2048-bit RSA keys to 112-bit symmetric keys and are sufficient until 2030. 3072-bit RSA keys to 128-bit symmetric keys and should be used if security is required beyond 2030. NIST key management guidelines further suggest that 15360-bit RSA keys are equivalent in strength to 256-bit symmetric keys Should you come up with different results, please let me know. I'll send you an update should I have results for openpgp.js. Recently, I've also modified the source code of gnupg to allow bigger keys. (What's with everyone limiting the maximum key size so 4kbit!?) And there results were also similar, although a bit faster. I managed to create 16kbit keys, they worked ok. Once I created 32kbit keys, there were compatibility issues with other programs using gnupg. The 32kbit keys took 2-3 days to generate on an i7 CPU. I hope this is of some help. Kind regards, Anita > ---------- Forwarded message ---------- >> From: Fabio Pietrosanti (naif) <[email protected]> >> Date: 25 October 2013 07:24 >> Subject: [openpgpjs] Keygeneration performance: Are there any data? >> To: "OpenPGP.js Mailing List" <[email protected]> >> >> >> Hi all, >> >> are there any data related to the performance of OpenPGP.JS key >> generation over the different browser/platforms ? >> >> Would it be OpenPGP.JS suitable for use in context where all web-clients >> connecting to a web-server will generate a key pair before interacting >> with the platform (exchanging client & server public keys and encrypting >> all ajax requests) ? >> >> -- >> Fabio Pietrosanti (naif) >> HERMES - Center for Transparency and Digital Human Rights >> http://logioshermes.org - http://globaleaks.org - http://tor2web.org >> >> _______________________________________________ >> >> http://openpgpjs.org >> Subscribe/unsubscribe: http://list.openpgpjs.org >> >> >
_______________________________________________ http://openpgpjs.org Subscribe/unsubscribe: http://list.openpgpjs.org
