Originally posted by gdi2k
View Post
Announcement
Collapse
No announcement yet.
Ubuntu 11.10 Home Encryption Performance
Collapse
X
-
Testing...
Originally posted by korpenkraxarMy experience is that most semi-modern hardware handles disk encryption without much problem. Heck, I use dm-crypt/luks in Arch Linux on a Lenovo netbook with a 1.6GHz Atom CPU and a 250GB HD without any noticeable loss in performance.
Hardware: Lenovo X200, Core2 Duo P8600, 4 GB RAM, Vertex2 SSD (90GB), Ubuntu 11.04 64-bit.
Test writing to an encrypted area on the SSD (using Ubuntu's standard home encryption stuff):
Code:gdi2k@X200:~$ time dd if=/dev/zero of=~/test bs=1024 count=1000000 1000000+0 records in 1000000+0 records out 1024000000 bytes (1.0 GB) copied, 43.3324 s, 23.6 MB/s real 0m43.336s user 0m0.140s sys 0m39.260s
Code:root@X200:~# time dd if=/dev/zero of=/root/test bs=1024 count=1000000 1000000+0 records in 1000000+0 records out 1024000000 bytes (1.0 GB) copied, 4.39919 s, 233 MB/s real 0m4.405s user 0m0.080s sys 0m2.790s
Comment
-
Damnit, I knew I would have to eat crow for that not so very carefully phrased statement :-)
I've run these dd's on both a 64-bit W500 Thinkpad laptop and the 32-bit Ideapad netbook, both running Arch Linux with dm-crypt/luks partitions on everything but /boot. I just did 250M though, because the /boot on the netbook is too small for a gig. /boot is ext3 and /home is ext4. This is what I get:
Netbook:
=====
Unecrypted boot:
Code:time dd if=/dev/zero of=test bs=1024 count=250000 250000+0 records in 250000+0 records out 256000000 bytes (256 MB) copied, 4.30648 s, 59.4 MB/s real 0m4.314s user 0m0.227s sys 0m3.656s
Code:time dd if=/dev/zero of=test bs=1024 count=250000 250000+0 records in 250000+0 records out 256000000 bytes (256 MB) copied, 4.518 s, 56.7 MB/s real 0m4.523s user 0m0.277s sys 0m4.230s
=====
Unecrypted boot:
Code:time dd if=/dev/zero of=test bs=1024 count=250000 250000+0 records in 250000+0 records out 256000000 bytes (256 MB) copied, 5.2695 s, 48.6 MB/s real 0m5.315s user 0m0.033s sys 0m0.957s
Code:time dd if=/dev/zero of=test bs=1024 count=250000 250000+0 records in 250000+0 records out 256000000 bytes (256 MB) copied, 5.02218 s, 51.0 MB/s real 0m5.266s user 0m0.047s sys 0m1.500s
I am not sure it matters much though. If I can take the liberty to rephrase my statement a little: without any noticeable loss in performance => without much noticeable loss in performance in day-to-day use. For instance, most long writes I do on the netbook consists of transferring movie files from my NAS to the disk and in such cases, the network is the limiting factor. I do not argue against having more of the crypto stuff in silicon, I just have not been hit by major performance regressions yet.
Moreover, it looks like your SSD is incredibly fast compared to my rotating disks. Perhaps the crypto overhead is low in my case compared to the I/O of my laptops...
Comment
-
Interesting!
Thanks for posting your speeds, some interesting stuff there. You're right, in your case 5 MB/s makes no practical difference in day to day use. Due to my high SSD speeds, it makes more of a difference for me.
What surprises me is that your 1.6 GHz Atom-based Ideapad is able to write to an encrypted partition at nearly 57 MB/sec when my Core2 Duo (2.4 GHz) can only write to an encrypted partition at 25 MB/sec (I've run the test a dozen times, it never gets over 26).
I'd be interested to find out why this may be. My first thought is that my encryption implementation is more CPU-intensive than yours. Ubuntu uses the AES cipher with a 16-byte key length (128 bit) for its home encryption from what I can tell from the mount command. What does mount tell you about your encrypted partition?
I also agree that dd is not the best approach to benchmarking this stuff but it's quick and dirty. Maybe I'll have a go with the phoronix test suite thing over the coming weekend...
Comment
Comment