Announcement

Collapse
No announcement yet.

Ubuntu 9.04 Home Encryption Performance

Collapse
X
Collapse
 
  • Page of 3
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 template Next
  • #1

    Ubuntu 9.04 Home Encryption Performance

    Phoronix: Ubuntu 9.04 Home Encryption Performance

    One of the exciting features that is being worked on for Ubuntu 9.04 is encrypted home directories. What this means is that at install-time for either the LiveCD or server installation (or at a point later on when creating additional user accounts), the administrator can opt to have the user's home directory encrypted. This is a step-down from the Ubuntu 7.10 install-time encryption that would encrypt the entire hard drive and just not the user's home directory, but alas, that comes with performance consequences. At the request of Canonical, we have carried out a few benchmarks showing what effect the Ubuntu 9.04 home encryption feature has on the system's overall performance.

    Ubuntu 9.04 Home Encryption Performance - Phoronix
    http://www.phoronix.com/vr.php?view=13210
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    eCryptfs is that the same as luks on Fedora?

    And btw. Before considering hardware encryption read this:

    The con of that is the encryption keys generation is based on your hardware. A different hardware can?t decipher the drive.

    If your motherboard breaks down, you won?t be able to read your data from another computer ! Make some good backups?
    http://www.phocean.net/2008/02/26/co...ption-fde.html

    Comment

    • #3
      One thing I have very strange in this test is, that the write speed on the un-encrypted disk is so slow.

      The used disk, should without any problems be able to write with 60MB/s sequential.

      Comment

      • #4
        **** Privacy! I am *not* going to sacrifice speed like that!

        Does anyone know if/how bad game performance is affected?

        Comment

        • #5
          Why was this test done on such high-performance, not-everyday hardware? How many of us have a 4 core processor in our daily drivers? As for the recommendation that notebook and netbook users should use the disk encryption, what 4-core netbooks (or even notebooks) are available at all?

          I suppose that the hardware was chosen to be favorable to the tests, as the article was responsible in it's full disclosure that Canonical had requested the test. Also, Phoronix was not shy about mentioning that single- and dual-core processors would not see the same performance.

          Comment

          • #6
            /home encryption is largely worthless without swap, /var, and /tmp encryption as well. If you encrypt anything, you may as well encrypt the entire disk. Otherwise, you're sacrificing performance for at best half-assed data protection.

            Comment

            • #7
              What I don't understand is the hype about all these new features of Ubuntu that have been in Fedora/Red Hat for a while. Network manager, package kit, encryption are just a few examples of that. Hyping these features for Ubuntu does do justice to Fedora/Red Hat. For example: the hard work of making these examples work has mainly been done by the Fedora/Red Hat people. The fact that Ubuntu is adopting these makes them winners overall and is good for Linux as a whole.
              Of course there is also work done by Ubuntu. I'm not bashing anything. Just give praise where praise is due...

              Comment

              • #8
                I think this comparison is not simulating correctly real use of encryption scenarios. The used system is clearly desktop computer and quite powerfull one. Likely less than 5% of Ubuntu users has like this machine.

                The need for encryption is much greater in laptop group where machine power and powerusage is much more limited. In one core systems the penalty off encryption would be much creater. Probalby in range of 20-50% and battery life would suffer to.

                Comment

                • #9
                  Originally posted by Anato View Post
                  I think this comparison is not simulating correctly real use of encryption scenarios. The used system is clearly desktop computer and quite powerfull one. Likely less than 5% of Ubuntu users has like this machine.

                  The need for encryption is much greater in laptop group where machine power and powerusage is much more limited. In one core systems the penalty off encryption would be much creater. Probalby in range of 20-50% and battery life would suffer to.
                  On my Fedora 9 with AMD64 2GHz single core, the encrytion takes ~15% CPU when I read or write.

                  It is hard to measure the read and write performance, as the error bars are very large.

                  I made a test with a 50MB file:
                  Code:
                  write: (123 + 124 + 201 + 221 + 223) / 5 = 178.4
read: (164 + 293 + 252 + 298 + 293) / 5 = 260
                  using for write
                  Code:
                  time dd bs=1MB count=50 if=/dev/zero of=/home/louise/test
                  and for read
                  Code:
                  time cp /home/louise/test /dev/null
                  Notice how the write performance gets better and better for each try. Very strange!

                  Also the numbers are extremely large. I doubt these numbers are correct.

                  So I guess the conclusion is, that it is very difficult for make a performance test.

                  The only ones that knows how to do it is the folks at http://www.storagereview.com/

                  Comment

                  • #10
                    This really should be off-loaded to hardware. Didn't VIA have some crypto built-in on some of their EPIA boards? It can't be that expensive to put a basic AES cypher chip somewhere in a motherboard's SATA controller section. All that is needed, is for some of the major motherboard manufacturers and chipset makers to sit together and come up with something resembling a unified interface.

                    Comment

                    Previous 1 2 3 template Next
                    Working...
                    X