On Thu, Apr 29, 2010 at 12:58, Stefan Xenon <[email protected]> wrote: > As you know OpenPGP relies on a combination of symmetric (e.g. AES) and > asymmetric (e.g. RSA) encryption. GnuPG uses smart cards for > *asymmetric* encryption only. Also AFAIK gnupg-pkcs11 does the same but > uses a standardized interface (PKCS#11). The general approach is fine, > protecting the secret keys in hardware and computing the intense > operations on the main computer. In case of large amount of data, the > *symmetric* encryption may be the bottle neck, instead of the > *asymmetric* encryption. Therefore an array of several smart cards may > not be the right approach.
I'd tend to disagree. When symmetric encryption becomes a bottleneck, we can usually add more CPU cores to process more encryptions in parallel. Also, for small portions of data, this should not become a concern. However, depending on a single SmartCard to realize asymmetric crypto ops is a bottleneck which seems much harder to overcome. > To me your question would make sense if the main computer is not capable > to handle the symmetric encryption only. In current times of multi core > CPUs I doubt that this may really the case. Also you should consider > that you have to start separate GnuPG instances for each file/user. This > would scale very well on any multi core system nomatter whether a single > GnuPG process separates its workload to several threads or not (what I > don't know). I'm not talking about symmetric crypto, and, specifically, not about PGP encryption at all, since it doesn't involve the private asymmetric key. I suppose that host-handled, purely software crypto is not a concern, exactly for the reasons you have listed - it's quite easy to scale that. What I'm talking about, is PGP *decryption* and *signing* (the operations which have to involve the secret key) using a SmartCard or HSM. I want to have the private key securely stored in the hardware (SmartCard or HSM), asymmetric crypto ops securely performed in the hardware and I'm concerned with the hardware becoming a bottleneck. I suspect that handling e.g. 50 PGP signatures and/or decryptions per second may be too much for this kind of setup - am I right? In such a case, I'd like to know what behaviour would gpg agent exhibit under high load: * will it queue the crypto requests? * will these requests wait indefinitely if the queue grows faster than it is processed or will they timeout? * is there a way to add more SmartCards with readers with the same keypair loaded onto them, and load balance them? As an alternative, I'd like to know whether anyone tried using gnupg-pkcs11 and a HSM (like Thawte/nCipher/nShield or SafeNet Luna) for handling large loads with GnuPG. -- Best Regards, Aleksander Adamowski http://olo.org.pl _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
