Creating a small JPEG photo for your OpenPGP key

I’m in the process of moving to a new OpenPGP key, and I want to include a small JPEG image of myself in it. The OpenPGP specification describes, in section 5.12.1 of RFC 4880, how an OpenPGP packet can contain an JPEG image. Unfortunately the document does not require or suggest any properties of images, nor does it warn about excessively large images. The GnuPG manual helpfully asserts that “Note that a very large JPEG will make for a very large key.”.

Researching this further, it seems that proprietary PGP program suggests 120×144 as the maximum size, although I haven’t found an authoritative source of that information. Looking at the GnuPG code, you can see that it suggests around 240×288 in a string saying “Keeping the image close to 240×288 is a good size to use”. Further, there is a warning displayed if the image is above 6144 bytes saying that “This JPEG is really large”.

I think the 6kb warning point is on the low side today, however without any more researched recommendation of image size, I’m inclined to go for a 6kb 240×288 image. Achieving this was not trivial, I ended up using GIMP to crop an image, resize it to 240×288, and then export it to JPEG. Chosing the relevant parameters during export is the tricky part. First, make sure to select ‘Show preview in image window’ so that you get a file size estimate and a preview of how the photo will look. I found the following settings useful for reducing size:

  • Disable “Save EXIF data”
  • Disable “Save thumbnail”
  • Disable “Save XMP data”
  • Change “Subsampling” from the default “4:4:4 (best quality)” to “4:2:0 (chroma quartered)”.
  • Try enabling only one of “Optimize” and “Progressive”. Sometimes I get best results disabling one and keeping the other enabled, and sometimes the other way around. I have not seen smaller size with both enabled, nor with both disabled.
  • Smooth the picture a bit to reduce pixel effects and size.
  • Change quality setting, I had to reduce it to around 25%.

See screenshot below of the settings windows.

GnuPG photo GIMP settings window

Eventually, I managed to get a photo that I was reasonable happy with. It is 240×288 and is 6048 bytes large.

GnuPG photo for Simon

If anyone has further information, or opinions, on what image sizes makes sense for OpenPGP photos, let me know. Ideas on how to reduce size of JPEG images further without reducing quality as much would be welcome.

9 Replies to “Creating a small JPEG photo for your OpenPGP key”

  1. Instead of lowering the quality to 25%, I would rather reduce the image size: remember this is for an ID photograph, which really does not need to be that big: 200 px high would already be sufficient. And remember that the weight of an image is basically proportional to the number of points it contains, which is proportionnal to its area (width × height), so when you reduce it by some amount, it has “twice” that effect on its final weight.

    Also, since this is a black and white photograph, you should better store it as greyscale JPEG: you would save a significant amount of space with a better quality, actually. You did not add it to your key and publish it to the key servers, did you?

    • I have pushed the key, but I haven’t started to use it significantly so there is still time to revert and create a new key. I suppose I can revoke the current photo uid on the new key, but the photo will still consume size in my PGP key forever. I guess I could remove that uid from my key, but I’ll likely receive it again from key servers eventually.

      Maybe I should use a color photo instead. Given the hint about jpegoptim, I should be able to get a much higher quality JPEG in 6k than what I got now.

  2. FYI, in Fance standard ID photographs (I think they are the same in passports, so that may be an international standard) are 2.5 cm × 3.5 cm, which is 148×207 pixels at 150 px/in, but even that is a bit larger than necessary I think.

    • Swedish passports seems to change the image size over the years. I looked at our family’s passports and they are all different, but generally around 3-3.5cm x 4-4.5cm. The latest passport (issued May 2014) doesn’t use a square border around the photo, so it is hard to tell what the maximum size really is — the size of my head takes up 2.8cm x 3.2cm though.

      Is 150px/in considered sufficient quality for identification purposes?

  3. My 6kb jpeg is much higher quality than yours. I only needed to go to around 50% jpeg quality. If I did it in grayscale I only needed to go to 60%.

    jpegoptim –strip-all photo.jpg does nothing to my size. But yours look OK for a 2.9kb image.

  4. Pingback: Creating a strong new PGP keypair and post it on Keybase – Thinking in a digital life

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.