[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

LUKS overhead (was Re: encrypted root fs on a slug and crypto-modules)

On Sun, Mar 09, 2008 at 11:54:29PM +0100, Anders Lennartsson wrote:
> As a further note on the subject of this thread, I did manage to
> install Debian Etch on a fully encrypted USB-stick (1 GB) with two
> partitions, one for root and one for swap. I used default settings for
> LUKS encryption which I belive is 128 bits. My impression is that it
> didn't really affect performance but I have not made any objective
> tests of this.

I built a 2.4.24 armel system on my Thecus N2100 last night, and created
a 100GB data partition to test this out. There are a few layers

	WDC5000KS -> md (raid-1) -> lvm2 -> dm-crypt -> ext3 -> smb

That's two more (lvm2; dm-crypt) than I'm used to on this machine.

Copying a few GB onto the device via SMB resulted in kcryptd consuming a
lot of CPU for several minutes after each transfer. I'm not sure if it
impacted the speeds much, I got ~1.5MB/s which is far from great
(100-base-t switch is the limiting factor ethernet wise) but I was
getting roughly that (mostly over SSH rather than SMB) beforehand (with
the old ABI).

The machine didn't boot this morning, but if it does when I get back
from work, I'll try and get some more figures on how much of an overhead
LUKS proves.

I'd expect things to be worse on the slug than the n2100.

Jon Dowland

Reply to: