Ubuntu 11.10 Home Encryption Performance

  • Ubuntu 11.10 Home Encryption Performance

    Phoronix: Ubuntu 11.10 Home Encryption Performance

    With more and more of one's personal and professional lives being on the computer, encrypting and properly securing those computers -- particularly mobile devices -- is incredibly important. Sadly, it's not often thought about until it's too late. It has become relatively easy to protect your personal data on Ubuntu Linux with home directory encryption support being just a checkbox away within the installer or even full-disk LVM encryption when using Ubuntu's alternate installer. Previous tests of Ubuntu disk encryption performance have shown there is some penalty in disk-centric workloads, but the benefits are certainly worth it. In this article is a look at the Ubuntu home encryption performance under Ubuntu 11.10 with both old and new laptops.

    http://www.phoronix.com/vr.php?view=16424

  • #2
    Sandy Bridge has an integrated AES encryption engine so that full disk encryption will have no effect on CPU utilization. I am surprised that you did not do CPU utilization benchmarks to measure that.

    • #3
      Originally posted by Shining Arcanine
      Sandy Bridge has an integrated AES encryption engine so that full disk encryption will have no effect on CPU utilization. I am surprised that you did not do CPU utilization benchmarks to measure that.
      First thing that comes to mind is: pretty sure there's only support for that in recent gcc versions, and even then the Ubuntu binaries need to have support.
      Second thing that comes to mind is: there will be some effect. It may only be very small, but there will be some effect.

      • #4
        Originally posted by mirv
        First thing that comes to mind is: pretty sure there's only support for that in recent gcc versions, and even then the Ubuntu binaries need to have support.
        Second thing that comes to mind is: there will be some effect. It may only be very small, but there will be some effect.
        AFAIK you only need a new enough kernel with the AES* modules? The binaries have nothing to do with it, the AES encryption acceleration comes from the Intel CPU in combination with the kernel modules. No?

        • #5
          Originally posted by fackamato
          AFAIK you only need a new enough kernel with the AES* modules? The binaries have nothing to do with it, the AES encryption acceleration comes from the Intel CPU in combination with the kernel modules. No?
          Yes, you're right, my bad. I think it's still a little too new for considering in the benchmark though.

          • #6
            The bottleneck is elsewhere: https://bugs.launchpad.net/ubuntu/+s...ls/+bug/654764
            I was never worried by an additional CPU overhead, but also never imagined my disk will work 10x slower with encrypted home...
            Last edited by krzta; 09-14-2011, 02:52 PM.

            • #7
              One or two graphs showing CPU load differences in general should be important. Disk performance is one thing, CPU load is the other bit of the 'cost'. My laptop is a 2.1GHz Pentium-M based bit, and I would be quite interested in how much CPU load I should expect from encrypted home.

              • #8
                Yes, they are 2 different things. You just won't notice CPU overhead, while the disk one, especially if you're moving a lot of files (e.g. backups, movies etc.) will bite you pretty hard. Mostly frustrating if you have a top notch SSD.

                • #9
                  How about netbooks / atom?

                  It would be interesting to see these same benchmarks run on netbook class hardware. Before I replaced it, I would only encrypt my home directory on my EEE 1000HE, and even moved my development projects outside my home directory to avoid the penalty. If a Core 2 Duo shows a worst case 15% degradation, I was probably right to do so -- that's about a 5x faster CPU than an Atom.

                  • #10
                    Hardware Acceleration benchmarks

                    I too would be interested to hear:
                    • If hardware acceleration (AES-NI) was enabled and active for the Sandy Bridge processor benchmarks.
                    • What the CPU load was on the respective systems during the tests.

                    I've used encrypted home on Ubuntu since it became available. I have a Vertex2 SSD, but data transfers within home are limited to around 20 - 25 MB/sec, which maxes out one CPU core (Core2 Duo P8600). I don't mind the slow speed so much as apps etc. still start lightning fast (only home is encrypted), but the fact that the CPU burns from simple copy operations is annoying, and it would be great if that work could be offloaded in my next machine.

                    More info about AES-NI can be found at Tom's Hardware, but no Linux benchmarks sadly.

                    • #11
                      Originally posted by gdi2k
                      I've used encrypted home on Ubuntu since it became available. I have a Vertex2 SSD, but data transfers within home are limited to around 20 - 25 MB/sec, which maxes out one CPU core (Core2 Duo P8600). I don't mind the slow speed so much as apps etc. still start lightning fast (only home is encrypted), but the fact that the CPU burns from simple copy operations is annoying, and it would be great if that work could be offloaded in my next machine.
                      Thanks for that info, I didn't notice 100% CPU usage during long operations. A bit strange it sucks so much power, but it seems we gotta live with it for now, waiting for more powerful CPUs to better utilize our super fast SSDs.

                      • #12
                        My experience is that most semi-modern hardware handles disk encryption without much problem. Heck, I use dm-crypt/luks in Arch Linux on a Lenovo netbook with a 1.6GHz Atom CPU and a 250GB HD without any noticeable loss in performance.

                        • #13
                          Testing...

                          Originally posted by korpenkraxar
                          My experience is that most semi-modern hardware handles disk encryption without much problem. Heck, I use dm-crypt/luks in Arch Linux on a Lenovo netbook with a 1.6GHz Atom CPU and a 250GB HD without any noticeable loss in performance.
                          Here's a simple test to time a 1 GB write; I would be interested to see your results. I'll post mine below. If you encrypt your whole root, maybe you can run the second test on your unencrypted /boot partition for testing purposes.

                          Hardware: Lenovo X200, Core2 Duo P8600, 4 GB RAM, Vertex2 SSD (90GB), Ubuntu 11.04 64-bit.

                          Test writing to an encrypted area on the SSD (using Ubuntu's standard home encryption stuff):
                          Code:
                          gdi2k@X200:~$ time dd if=/dev/zero of=~/test bs=1024 count=1000000
                          1000000+0 records in
                          1000000+0 records out
                          1024000000 bytes (1.0 GB) copied, 43.3324 s, 23.6 MB/s
                          
                          real	0m43.336s
                          user	0m0.140s
                          sys	0m39.260s
                          Test writing to the SSD without encryption:
                          Code:
                          root@X200:~# time dd if=/dev/zero of=/root/test bs=1024 count=1000000
                          1000000+0 records in
                          1000000+0 records out
                          1024000000 bytes (1.0 GB) copied, 4.39919 s, 233 MB/s
                          
                          real	0m4.405s
                          user	0m0.080s
                          sys	0m2.790s
                          For me, the performance loss is noticeable by a factor of 10. And as I said, during the write to the encrypted space, one CPU core is constantly saturated, generating heat, causing fan noise, and increased power consumption. I think AES-NI would be very beneficial in my case, and probably even more so for reads than writes.

                          • #14
                            Damnit, I knew I would have to eat crow for that not so very carefully phrased statement :-)

                            I've run these dd's on both a 64-bit W500 Thinkpad laptop and the 32-bit Ideapad netbook, both running Arch Linux with dm-crypt/luks partitions on everything but /boot. I just did 250M though, because the /boot on the netbook is too small for a gig. /boot is ext3 and /home is ext4. This is what I get:

                            Netbook:
                            =====

                            Unencrypted boot:
                            Code:
                            time dd if=/dev/zero of=test bs=1024 count=250000
                            250000+0 records in
                            250000+0 records out
                            256000000 bytes (256 MB) copied, 4.30648 s, 59.4 MB/s
                            
                            real    0m4.314s
                            user    0m0.227s
                            sys     0m3.656s
                            Encrypted home:
                            Code:
                            time dd if=/dev/zero of=test bs=1024 count=250000
                            250000+0 records in
                            250000+0 records out
                            256000000 bytes (256 MB) copied, 4.518 s, 56.7 MB/s
                            
                            real    0m4.523s
                            user    0m0.277s
                            sys     0m4.230s
                            Laptop
                            =====

                            Unencrypted boot:

                            Code:
                            time dd if=/dev/zero of=test bs=1024 count=250000
                            250000+0 records in
                            250000+0 records out
                            256000000 bytes (256 MB) copied, 5.2695 s, 48.6 MB/s
                            
                            real	0m5.315s
                            user	0m0.033s
                            sys	0m0.957s
                            Encrypted home:

                            Code:
                            time dd if=/dev/zero of=test bs=1024 count=250000
                            250000+0 records in
                            250000+0 records out
                            256000000 bytes (256 MB) copied, 5.02218 s, 51.0 MB/s
                            
                            real	0m5.266s
                            user	0m0.047s
                            sys	0m1.500s
                            They are quite even over here but I am not sure about /dev/zero as a source. There is quite a bit of variation in these numbers if I repeat the tests. Do commit intervals for ext filesystems matter here btw?

                            I am not sure it matters much though. If I can take the liberty to rephrase my statement a little: without any noticeable loss in performance => without much noticeable loss in performance in day-to-day use. For instance, most long writes I do on the netbook consist of transferring movie files from my NAS to the disk and in such cases, the network is the limiting factor. I do not argue against having more of the crypto stuff in silicon, I just have not been hit by major performance regressions yet.

                            Moreover, it looks like your SSD is incredibly fast compared to my rotating disks. Perhaps the crypto overhead is low in my case compared to the I/O of my laptops...

                            • #15
                              Interesting!

                              Thanks for posting your speeds, some interesting stuff there. You're right, in your case 5 MB/s makes no practical difference in day to day use. Due to my high SSD speeds, it makes more of a difference for me.

                              What surprises me is that your 1.6 GHz Atom-based Ideapad is able to write to an encrypted partition at nearly 57 MB/sec when my Core2 Duo (2.4 GHz) can only write to an encrypted partition at 25 MB/sec (I've run the test a dozen times, it never gets over 26).

                              I'd be interested to find out why this may be. My first thought is that my encryption implementation is more CPU-intensive than yours. Ubuntu uses the AES cipher with a 16-byte key length (128 bit) for its home encryption from what I can tell from the mount command. What does mount tell you about your encrypted partition?

                              I also agree that dd is not the best approach to benchmarking this stuff but it's quick and dirty. Maybe I'll have a go with the Phoronix Test Suite thing over the coming weekend...

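The checks asked about in posts #4, #10 and #15, as an added example that is not part of the original thread: does the CPU advertise AES-NI, which AES implementation would the kernel prefer, and which cipher and key size is an eCryptfs home mounted with. The `aes-aesni` and `aes-generic` driver names and the `ecryptfs_cipher=` / `ecryptfs_key_bytes=` mount options are assumed to appear as on a typical Linux system, and the sample data is constructed.

```sh
#!/bin/sh
# Added example, not from the thread. Each function reads the named file, or
# stdin when no file is given, so it works on /proc or on saved copies.

# Succeeds if the CPU "flags" line advertises AES-NI (the "aes" flag).
cpu_has_aes() {
    grep '^flags' "$@" | grep -qw 'aes'
}

# Prints "driver priority" for the highest-priority bare "aes" cipher in
# /proc/crypto layout; the kernel crypto API prefers the highest priority.
best_aes_driver() {
    awk -F' *: *' '
        $1 == "name"   { name = $2 }
        $1 == "driver" { drv = $2 }
        $1 == "priority" && name == "aes" && $2 + 0 > best {
            best = $2 + 0; pick = drv }
        END { if (pick != "") print pick, best }' "$@"
}

# Prints "cipher key_bits" for every eCryptfs line of mount-style output.
ecryptfs_cipher() {
    awk '/ecryptfs_cipher=/ {
        c = "?"; k = "?"
        if (match($0, /ecryptfs_cipher=[^,) ]+/))
            c = substr($0, RSTART + 16, RLENGTH - 16)
        if (match($0, /ecryptfs_key_bytes=[0-9]+/))
            k = substr($0, RSTART + 19, RLENGTH - 19) * 8
        print c, k }' "$@"
}

# Constructed sample in /proc/crypto layout (values are illustrative).
sample_proc_crypto() {
    printf '%s\n' 'name         : aes' 'driver       : aes-generic' \
        'priority     : 100' '' 'name         : aes' \
        'driver       : aes-aesni' 'priority     : 300'
}

if [ -r /proc/cpuinfo ] && [ -r /proc/crypto ]; then   # live Linux system
    if cpu_has_aes /proc/cpuinfo; then echo "CPU flag aes: yes"
    else echo "CPU flag aes: no"; fi
    echo "preferred AES driver: $(best_aes_driver /proc/crypto)"
    if [ -r /proc/mounts ]; then ecryptfs_cipher /proc/mounts; fi
else
    echo "sample: $(sample_proc_crypto | best_aes_driver)"
fi
```

If the CPU flag is present but only `aes-generic` is listed, the accelerated module is not loaded, which is the situation post #4 describes.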