Originally posted by AndyChow
View Post
Announcement
Collapse
No announcement yet.
Linux Full Disk Encryption Performance With AMD Ryzen 5 + SATA 3.0 SSD
Collapse
X
-
Michael Larabel
https://www.michaellarabel.com/
-
Originally posted by schmidtbag View PostI just realized - are there any internal drives with their own built-in encryption processor?
longer: Yes, there are HDDs and SSDs that are SEDs (self encrypting devices/drives). E.g. Seagate's Entersprise / Constellation series had models that offered SED functions. There was a normal one (SATA or SAS) and for each also with encryption. (Don't ask me how you kick off that encryption actually and under Linux.)
But: These drives may be liable to US-export regulations (because of US and crypto export laws from days long in the past), so I'm not sure if you can buy them elsewhere or if it is the same functionality. And: Usually this is also some blob ware. You don't know what it does and iirc. for some USB stick it was proven that there can be simple hacks to circumvent the security measures. I have no performance data for any of those but with dedicated ASICs there might me no palpable performance hit.
I think ASICs like VIA Padlock, the Geode thing or the modern CPU instructions are probably still better for that case because they are likely more tested and researched. If you want real security you better add a second software-only solution on top.
Stop TCPA, stupid software patents and corrupt politicians!
- Likes 2
Comment
-
Originally posted by debianxfce View PostSomething is wrong in your computing environment if you need disk encryption and other overkill security features. Possible reasons are high 4G mobile network prices in the developing countries and a high crime rate.
- Likes 2
Comment
-
Originally posted by bosjc View PostSamsung PRO SSDs have built in (AES-256-bit I think). Depends on if you trust their hardware or not, though, I suppose. Having had it before, though, I can tell you there is basically no overhead at all.
Comment
-
-
Originally posted by debianxfce View PostSomething is wrong in your computing environment if you need disk encryption and other overkill security features. Possible reasons are high 4G mobile network prices in the developing countries and a high crime rate.
- Likes 1
Comment
-
-
Originally posted by trek View Post
using more than one cipher can protect you when a new attack is discovered about a single cipher (like the DES story)
Comment
Comment