Solved

PGP overhead

Posted on 2012-03-10
8
900 Views
Last Modified: 2012-03-30
Hi,

Is there any way to determine experimental analysis on the  actual overhead(s)
produced by PGP during the file exchange process?

Is there any tool that I can use to calculate the overhead during the transmissions or any other method to find. To elaborate more I want to know that when I transmit my message without encryption what time, size it goes with to the destination. However if I apply PGP then what is the overhead in terms of time and size of the packets.

Kindly help me ASAP.

Thanks
0
Comment
Question by:searchsanjaysharma
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 375 total points
ID: 37706069
If you Fully encrypt your hard-drive, once the OS is booted and you've put in your password, or used your token, the OS has no idea it's encrypted. Copying a file from the hard-drive of the encrypted machine to another machine or share or even attaching to email, makes no real difference, once copied the file is just like all others, unencrypted. Full disk encryption only protects from offline attacks, if your laptop is stolen/lost and someone tries to read the HD, they can't. Once the OS is booted and your logged in, no one can tell the difference between any other computer's HD.
If you are going to encrypt a file using PGP, the encryption takes little extra time, even on large files. PGP has the SDA (self decrypting archive) which is basically an encrypted file, stored in an executable so that who ever you send it to, if they are running the same OS (windows to windows, mac to mac, linux to linux) they can decrypt it with the proper password, without having to install PGP.
Which feature of PGP are you specifically concerned about?
-rich
0
 
LVL 78

Expert Comment

by:arnold
ID: 37706072
Not sure what you need, you can use the raw experiment having a file of size X and then encrypt it. This will be the impact on the size of the message.
What OS are you on?
What email client is in use?
0
 

Author Comment

by:searchsanjaysharma
ID: 37706719
I am using PGP 8.0 on Windows-XP.

I want to experiment on simple file rather then any disk or emil client. Please advice.
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 375 total points
ID: 37708224
I would say it's as fast as zipping a file with default settings, depending on the size of the file, it takes no time to a lot of time. CPU isn't that much a factor, it won't rob you of your computer resources.
-rich
0
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 125 total points
ID: 37710412
Email PGP encrypts fast enough on a modern machine that the time isn't an issue.

However, it requires that you have a key for each recipient, and the message can be larger after encryption, as the actual message is first compressed, then encrypted, then prepended with a pki block (per recipient!) that is the same size as the user's public key.

so, if you send a message with a (say) 1k attachment, then normally the attachment will be encoded for email transmission (increasing its size by 50%) and attached to the message (a typical html message body is around 1k) giving around 2.5K of content; add a few lines of header data to that, and around 3K seems reasonable.

Now, the same message from pgp would be first compressed (lets say down to 1K total) then encrypted with a random key. the random key is then encrypted to each recipient (lets say 2x recipients each with a 2k pgp key) giving [2k recipient 1][2K recipient 2][1 K encrypted message] for a total of 5K. with only one recipient, that would only be 3K of course.

so, there is no easy answer to your question - the resulting size depends so heavily on the compression achieved by the program, and the size of the recipient's keys, that you would need to test on a per-case basis.
0
 

Author Comment

by:searchsanjaysharma
ID: 37724386
Please suggest me about any tool or method that I can perform to carry out this experiment during the file exchange process. Help ASAP will be appreciable.
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 375 total points
ID: 37724426
Use pgp 8... encrypt the file, look at the file... look at task manager's CPU load.  The overhead is going to be next to nothing. The file won't increase much in size, and using PGP's SDA (self decrypting archive) you can actually decrease the file size. Your file won't change size much, maybe a few kilobytes, even a very large file won't change much.
-rich
0
 

Author Closing Comment

by:searchsanjaysharma
ID: 37764646
ok
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question