On 2020-06-26 06:07, David Wright wrote:
On Fri 19 Jun 2020 at 14:52:11 (-0700), David Christensen wrote:
Benchmark is one thing. But, from a security viewpoint, writing zeros to an encrypted volume amounts to providing blocks of plaintext for corresponding blocks of cyphertext, thereby facilitating cryptanalysis.So in view of the unlikelihood of badblocks actually logging something more useful than SMART (where available) or normal disk write errors, perhaps a compromise (for my use case) is to just write /dev/urandomrather than /dev/zero.
Copying random data to a partition while creating an encrypted filesystem provides a high-entropy backdrop to conceal ciphertext blocks. This is a form of steganography. The Debian Installer manual partitioning page has an option to do this.
As the storage is used, the initial random blocks will be overwritten by ciphertext blocks. Depending upon filesystem, encryption, volume management, and/or device details, the steganography degrades and may eventually disappear.
Copying random data to storage will add fresh nearly-random blocks on the device, improving the steganography. (The canonical example is to copy /dev/urandom to a file until the filesystem fills up, and then delete the file. But, this takes time and adds wear to the device.)
On this slow machine with an oldish PATA disk, I can get about 75% speed from urandom, 15MB/s vs 20MB/s on a 29GiB partition (no encryption). There's a noticeable slowdown because, I presume, the machine runs a bit short of entropy after a while.
I think you are noticing a slowdown when the Linux write buffer fills. David