Ubuntu 9.04 Home Encryption Performance
phoronix
12-07-2008, 09:10 AM
Phoronix: Ubuntu 9.04 Home Encryption Performance
One of the exciting features that is being worked on for Ubuntu 9.04 is encrypted home directories. What this means is that at install-time for either the LiveCD or server installation (or at a point later on when creating additional user accounts), the administrator can opt to have the user's home directory encrypted. This is a step down from the Ubuntu 7.10 install-time encryption that would encrypt the entire hard drive and not just the user's home directory, but alas, that comes with performance consequences. At the request of Canonical, we have carried out a few benchmarks showing what effect the Ubuntu 9.04 home encryption feature has on the system's overall performance.
http://www.phoronix.com/vr.php?view=13210
Louise
12-07-2008, 09:23 AM
eCryptfs is that the same as luks on Fedora?
And btw. Before considering hardware encryption read this:
The con of that is the encryption keys generation is based on your hardware. A different hardware can’t decipher the drive.
If your motherboard breaks down, you won’t be able to read your data from another computer! Make some good backups…
http://www.phocean.net/2008/02/26/cold-boot-attack-not-a-threat-to-full-disk-encryption-fde.html
Louise
12-07-2008, 10:26 AM
One thing I find very strange in this test is that the write speed on the un-encrypted disk is so slow.
The disk used should without any problems be able to write at 60MB/s sequentially.
Eragon
12-07-2008, 12:12 PM
**** Privacy! I am *not* going to sacrifice speed like that!
Does anyone know if/how bad game performance is affected?
dotancohen
12-07-2008, 02:59 PM
Why was this test done on such high-performance, not-everyday hardware? How many of us have a 4 core processor in our daily drivers? As for the recommendation that notebook and netbook users should use the disk encryption, what 4-core netbooks (or even notebooks) are available at all?
I suppose that the hardware was chosen to be favorable to the tests, as the article was responsible in its full disclosure that Canonical had requested the test. Also, Phoronix was not shy about mentioning that single- and dual-core processors would not see the same performance.
etymxris
12-07-2008, 03:48 PM
/home encryption is largely worthless without swap, /var, and /tmp encryption as well. If you encrypt anything, you may as well encrypt the entire disk. Otherwise, you're sacrificing performance for at best half-assed data protection.
fhuberts
12-07-2008, 04:03 PM
What I don't understand is the hype about all these new features of Ubuntu that have been in Fedora/Red Hat for a while. Network manager, package kit, encryption are just a few examples of that. Hyping these features for Ubuntu does do justice to Fedora/Red Hat. For example: the hard work of making these examples work has mainly been done by the Fedora/Red Hat people. The fact that Ubuntu is adopting these makes them winners overall and is good for Linux as a whole.
Of course there is also work done by Ubuntu. I'm not bashing anything. Just give praise where praise is due...
Anato
12-07-2008, 04:35 PM
I think this comparison is not correctly simulating real-use encryption scenarios. The system used is clearly a desktop computer and quite a powerful one. Likely less than 5% of Ubuntu users have a machine like this.
The need for encryption is much greater in the laptop group, where machine power and power usage are much more limited. In one-core systems the penalty of encryption would be much greater. Probably in the range of 20-50%, and battery life would suffer too.
Louise
12-07-2008, 05:40 PM
I think this comparison is not correctly simulating real-use encryption scenarios. The system used is clearly a desktop computer and quite a powerful one. Likely less than 5% of Ubuntu users have a machine like this.
The need for encryption is much greater in the laptop group, where machine power and power usage are much more limited. In one-core systems the penalty of encryption would be much greater. Probably in the range of 20-50%, and battery life would suffer too.
On my Fedora 9 with AMD64 2GHz single core, the encryption takes ~15% CPU when I read or write.
It is hard to measure the read and write performance, as the error bars are very large.
I made a test with a 50MB file:
write: (123 + 124 + 201 + 221 + 223) / 5 = 178.4
read: (164 + 293 + 252 + 298 + 293) / 5 = 260
using for write
time dd bs=1MB count=50 if=/dev/zero of=/home/louise/test
and for read
time cp /home/louise/test /dev/null
Notice how the write performance gets better and better for each try. Very strange!
Also the numbers are extremely large. I doubt these numbers are correct.
So I guess the conclusion is that it is very difficult to make a performance test.
The only ones that know how to do it are the folks at http://www.storagereview.com/
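A more repeatable version of the measurement in the post above, as an added example that is not part of the original thread: dd without a sync option returns once the data is in the page cache, and cp of a just-written file is read back from that cache, so this sketch times dd with conv=fdatasync, drops the cache before reads when run as root, and reports the median over several runs. The function names and the target path are assumptions; GNU dd and date are assumed.

```shell
#!/bin/sh
# Added example (not from the thread). Point FILE at a path inside the
# encrypted mount, e.g.:  bench_write /home/louise/test 50 5

# median of the integer arguments (mean of the middle pair for an even count)
median() {
    printf '%s\n' "$@" | sort -n | awk '{ v[NR] = $1 } END {
        if (NR % 2) print v[(NR + 1) / 2]
        else print int((v[NR / 2] + v[NR / 2 + 1]) / 2) }'
}

# write_ms FILE SIZE_MB: one timed write, flush to disk included; prints ms
write_ms() {
    w_start=$(date +%s%N)
    dd if=/dev/zero of="$1" bs=1MB count="$2" conv=fdatasync 2>/dev/null
    w_end=$(date +%s%N)
    echo $(( (w_end - w_start) / 1000000 ))
}

# read_ms FILE: one timed read; prints ms. The page cache is dropped first
# when permitted (root); otherwise the figure mostly reflects RAM, not disk.
read_ms() {
    if [ -w /proc/sys/vm/drop_caches ]; then
        { sync; echo 3 > /proc/sys/vm/drop_caches; } 2>/dev/null || true
    fi
    r_start=$(date +%s%N)
    dd if="$1" of=/dev/null bs=1MB 2>/dev/null
    r_end=$(date +%s%N)
    echo $(( (r_end - r_start) / 1000000 ))
}

# bench_write FILE SIZE_MB RUNS: median write throughput in MB/s
bench_write() {
    b_times="" b_i=0
    while [ "$b_i" -lt "$3" ]; do
        b_times="$b_times $(write_ms "$1" "$2")"
        b_i=$((b_i + 1))
    done
    b_ms=$(median $b_times)
    [ "$b_ms" -gt 0 ] || b_ms=1   # guard against sub-millisecond runs
    echo $(( $2 * 1000 / b_ms ))
}
```

Reporting the median rather than the mean keeps a single cached or stalled run from dominating the result.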
december
12-07-2008, 06:16 PM
This really should be off-loaded to hardware. Didn't VIA have some crypto built-in on some of their EPIA boards? It can't be that expensive to put a basic AES cypher chip somewhere in a motherboard's SATA controller section. All that is needed, is for some of the major motherboard manufacturers and chipset makers to sit together and come up with something resembling a unified interface.
Louise
12-07-2008, 06:18 PM
This really should be off-loaded to hardware. Didn't VIA have some crypto built-in on some of their EPIA boards? It can't be that expensive to put a basic AES cypher chip somewhere in a motherboard's SATA controller section. All that is needed, is for some of the major motherboard manufacturers and chipset makers to sit together and come up with something resembling a unified interface.
They have. See second post here ;)
VIA's processors, starting with a certain C3 stepping, support AES in hardware. It is very fast, but somewhat limited. E.g. no fast XTS acceleration.
Louise
12-07-2008, 07:49 PM
I wonder if a GPU could be used for AES?
jamei
12-07-2008, 08:55 PM
Re: eCryptfs vs LUKS
LUKS is block device encryption (e.g. /dev/sda1)
ecryptfs is file level encryption (e.g. /home/user/Private/). You mount a folder, and every file created in that folder will be encrypted individually. If you umount the ecryptfs folder, you will still see the files, but the contents will be garbled.
There are several advantages to this approach, but the main one is that the home directory for each user can be encrypted with a different key.
With LUKS, it is only possible to encrypt the home partition, or with more work, create an encrypted partition for each user (with fixed size, less flexibility).
AFAIK, ecryptfs is available on Fedora as well.
Yfrwlf
12-07-2008, 09:51 PM
It really didn't mention game performance but of course that will be largely unaffected, especially if your games are installed to /opt or other places outside your home dir. Wine games might suffer some though depending on how I/O intensive they are.
deanjo
12-08-2008, 01:06 AM
I wonder if a GPU could be used for AES?
Yes it is possible.
http://www.manavski.com/downloads/PID505889.pdf
There has also been talk of nvidia opening up access to the AES engine found on the GF 8+ to the CUDA toolkit.
Also if you own the book GPU Gems 3 there is a dedicated chapter on this subject.
WSmart
12-08-2008, 04:06 AM
I'd like to see how encryption runs on SCSI. I'm tired of the inconsistent performance with desktop controllers.
Encryption would be really cool, but getting locked out of your data is unacceptable.
deanjo
12-08-2008, 04:31 AM
I'd like to see how encryption runs on SCSI. I'm tired of the inconsistent performance with desktop controllers.
Encryption would be really cool, but getting locked out of your data is unacceptable.
That would apply to a very small part of the community. If you're running SCSI, chances are you're running servers in a corporate environment and you should have a lot more security measures in place than just encrypting the drive.
Louise
12-08-2008, 05:46 AM
Yes it is possible.
http://www.manavski.com/downloads/PID505889.pdf
There has also been talk of nvidia opening up access to the AES engine found on the GF 8+ to the CUDA toolkit.
Also if you own the book GPU Gems 3 there is a dedicated chapter on this subject.
Cool! Is it an nVidia feature only, or could the same be done for ATi?
Louise
12-08-2008, 05:48 AM
Re: eCryptfs vs LUKS
LUKS is block device encryption (e.g. /dev/sda1)
ecryptfs is file level encryption (e.g. /home/user/Private/). You mount a folder, and every file created in that folder will be encrypted individually. If you umount the ecryptfs folder, you will still see the files, but the contents will be garbled.
There are several advantages to this approach, but the main one is that the home directory for each user can be encrypted with a different key.
With LUKS, it is only possible to encrypt the home partition, or with more work, create an encrypted partition for each user (with fixed size, less flexibility).
AFAIK, ecryptfs is available on Fedora as well.
Thanks for clearing that up :)
I like that no one can see what files I have, so I stay with LUKS ;)
WSmart
12-08-2008, 09:08 PM
That would apply to a very small part of the community. If you're running SCSI, chances are you're running servers in a corporate environment and you should have a lot more security measures in place than just encrypting the drive.
Wa waah wuh wa woaoh... waa ua wah woah wo' Whuah waa wo waa....
Dinguz
12-09-2008, 05:03 AM
I have started to use the encryption facility in 8.10 (the encrypted Private folder), but after enabling this, login became very slow, taking an extra 5s or so.
Did anyone else notice this? I admit I am using rather humble hardware (Celeron 1500 laptop, 3+ years old), but this performance drop is rather annoying.