Page 1 of 4 123 ... LastLast
Results 1 to 10 of 31

Thread: The Performance Impact Of Linux Disk Encryption On Ubuntu 14.04 LTS

  1. #1
    Join Date
    Jan 2007
    Posts
    15,391

    Default The Performance Impact Of Linux Disk Encryption On Ubuntu 14.04 LTS

    Phoronix: The Performace Impact Of Linux Disk Encryption On Ubuntu 14.04 LTS

    For any Linux laptop users or those concerned about their data's safety on production systems, I highly recommend utilizing disk encryption for safeguarding the data. However, what's the performance impact like these days? In this article with the current development snapshot of Ubuntu 14.04 LTS on a modern Intel ultrabook we're looking at the impact (including CPU utilization) of using an eCryptfs-based home directory encryption and LUKS-based full-disk encryption on Ubuntu Linux.

    http://www.phoronix.com/vr.php?view=19979

  2. #2
    Join Date
    Jan 2014
    Posts
    13

    Default

    I don't use Ubuntu & friends, but I would assume that the comment regarding to /tmp is moot; /tmp is ordinarily a tmpfs these days.

  3. #3
    Join Date
    Oct 2011
    Posts
    60

    Default

    Quote Originally Posted by phoronix View Post
    Phoronix: The Performace Impact Of Linux Disk Encryption On Ubuntu 14.04 LTS

    For any Linux laptop users or those concerned about their data's safety on production systems, I highly recommend utilizing disk encryption for safeguarding the data. However, what's the performance impact like these days? In this article with the current development snapshot of Ubuntu 14.04 LTS on a modern Intel ultrabook we're looking at the impact (including CPU utilization) of using an eCryptfs-based home directory encryption and LUKS-based full-disk encryption on Ubuntu Linux.

    http://www.phoronix.com/vr.php?view=19979
    WTH? I don't see how an encrypted home dir would affect the benchmarks unless you're running the benchmarks inside the encrypted home dir. If that is the case, these numbers perhaps represent only a wildly non-typical "corner-case" performance-wise.

    All of the performance critical system services I've ever seen have typically been run from /opt or /usr - never from a user's home dir.

  4. #4
    Join Date
    Sep 2009
    Posts
    210

    Default

    Quote Originally Posted by david_lynch View Post
    WTH? I don't see how an encrypted home dir would affect the benchmarks unless you're running the benchmarks inside the encrypted home dir. If that is the case, these numbers perhaps represent only a wildly non-typical "corner-case" performance-wise.

    All of the performance critical system services I've ever seen have typically been run from /opt or /usr - never from a user's home dir.
    I wondered about this too.

  5. #5
    Join Date
    Sep 2012
    Posts
    313

    Default

    Interesting. I'm using full disk encryption on my server/htpc and have never noticed any
    performance degree even though it isn't the most powerful creature (Zbox ID18). Now I
    can also confirm that by numbers.

    Quote Originally Posted by david_lynch View Post
    WTH? I don't see how an encrypted home dir would affect the benchmarks unless you're running the benchmarks inside the encrypted home dir. If that is the case, these numbers perhaps represent only a wildly non-typical "corner-case" performance-wise.

    All of the performance critical system services I've ever seen have typically been run from /opt or /usr - never from a user's home dir.
    Benchmarking /opt or /usr if it's the home dir that's encrypted would be pretty meningless...

  6. #6
    Join Date
    Jan 2014
    Posts
    3

    Default

    Quote Originally Posted by Pajn View Post
    Benchmarking /opt or /usr if it's the home dir that's encrypted would be pretty meningless...
    You are right, but then benchmarking from an encrypted /home setup is a 'wildly non-typical "corner-case"' anyway...

    The point here is: If the use case for an encrypted /home setup is different from the full-disk setup, then comparing these setups may not have a realistic meaning...

    Based on these tests results it seems clear that "encrypting the whole disk is much better". However, if the test was a "regular usage"* (browse web, check mail, edit documents, play music, whatever...) which would be the actual performance impact?

    * I understand that "Regular usage" is a concept either difficult or impossible to define and your regular usage may be different from mine.

  7. #7
    Join Date
    Nov 2012
    Posts
    4

    Default

    Quote Originally Posted by david_lynch View Post
    WTH? I don't see how an encrypted home dir would affect the benchmarks unless you're running the benchmarks inside the encrypted home dir. If that is the case, these numbers perhaps represent only a wildly non-typical "corner-case" performance-wise.

    All of the performance critical system services I've ever seen have typically been run from /opt or /usr - never from a user's home dir.
    You're missing the point, eCryptfs isn't only for the home directory. It's commonly used for home dir encryption, where it shouldn't be much of a performance concern anyway, but it can be used on any directory and I (for example) also use it to encrypt project files on an external hard drive and on my laptop's data SSD. I use eCryptfs rather than full-disk for the flexibility it provides, but after seeing these benchmarks I will definitely reconsider some of my choices, or at least do my own tests to see how much is this affecting me in practice. Thanks Michael!

  8. #8
    Join Date
    Jul 2009
    Posts
    260

    Default

    so can it be worked around by creating a home partition? And does Full disk mean full disc or does it mean full partition?

  9. #9
    Join Date
    Dec 2013
    Location
    Pforzheim, Germany
    Posts
    9

    Default Crypto algorithm

    An interesting point would be the impact of the specific cryptographic algorithms on the performance. AFAIK Rijndael was chosen as AES because of its low performance requirements. But how does it differ from the other cryptographic algrithms in the kernel?

  10. #10
    Join Date
    Jul 2009
    Posts
    260

    Default

    Quote Originally Posted by jpuhr View Post
    An interesting point would be the impact of the specific cryptographic algorithms on the performance. AFAIK Rijndael was chosen as AES because of its low performance requirements. But how does it differ from the other cryptographic algrithms in the kernel?
    will performance and special cornercases of fs be of importance aswell?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •