As I obviously have too much time on my hands these days, I figured I wanted to experiment some more with using a large OpenPGP ( www.secure-my-email.com ) keys.

I used GnuPG to generate a keyset of 15360 bit keys for both signing and encryption.
pub 15360R/43E67CF7 created: 2006-12-15 expires: never usage: SC
sub 15360g/7CC80A28 created: 2006-12-18 expires: never usage: E

The signing key is an RSA key, while the encryption key is an ElGamal key.

I did have to tweak a couple of things to get away from the gpg: fatal: out of secure memory issue while generating the encryption key, and figure out interesting ways to give the computer enough entropy, so I ended up writing some Apache modules to freshen up on the Apache Module API in the process, compiling things on the way.

As for the out of secure memory issue, I had to generate the encryption key while not using a password on the key itself, otherwise it ran out while encrypting the key. A password was added without any problem after the initial key generation.

I made a copy of the public key available at www.kfwebs.net , at the present time, however I would ask for this key not to be distributed to any keyserver.

A message signed with the key is located at www.kfwebs.net .

[kristianf@kfc002 ~]$ echo "test using a damn large key" | time gpg2 -u 43E67CF7 --clearsign --digest-algo sha512 > signtest.txt
18.29user 0.01system 0:22.46elapsed 81%CPU (0avgtext+0avgdata 0maxresident)k

shows that it takes approximately 23 seconds to sign this message with the key. Encrypting to it requires approximately 30 seconds.

This is too long for it to be sane to use such keysizes for ordinary communication ( besides the compatability issues that exists for such a large key ) , but it can absolutely be considered for archiving something that is supposed to be stored for a long time.