Intel Atom Disk Encryption Performance

[phoronix]

Phoronix: Intel Atom Disk Encryption Performance

While the ASUS Eee PC 901 doesn't have its solid-state disk drives encrypted by default, if you are storing any potentially sensitive information on this netbook -- or any mobile device for that matter -- you really should encrypt the data. When you lose a mobile device or it has been stolen, it can be a nightmare if your banking information was stored on there or even just passwords to your Internet accounts. However, what is the performance cost for fully encrypting a hard drive on one of these Intel Atom computers? In this article we are looking at the performance impact of fully encrypting the solid-state storage versus an unencrypted LVM within Ubuntu Linux.

http://www.phoronix.com/vr.php?view=12814

[gwfrancke]

It would be interesting if this test is repeated on a laptop with a VIA CPU that has onboard encryption (VIA Padlock).

[curaga]

I was just going to say the same!

Trying this on an Atom is not interesting at all. A Via netbook would be way better.

[ethana2]

I'm glad for the Private directories in Intrepid, I think that's the Right Way to do things, less wasteful and all that.

[Rhettigan]

There's an interesting thing going on in the 901. I'm not sure if the SSD on the Linux 901 is separated like the SSD on the Windows 901.

Read http://techreport.com/articles.x/15442/4 for more information (it's also a thorough review of the Windows 901).

[janmartin]

Hi,

your test is very interesting.

I am running an Acer Aspire 5633WLMI notebook with 4 GB RAM, and Ubuntu 8.04 and hard disc encryption by dm-crypt. Even VirtualBox is running without any problems and guests react really snappy!

However I wonder if the impact of just encrypt the /home folder will be significantly smaller on a 901?

Thanks!

[robotpoetry]

I'm glad for the Private directories in Intrepid, I think that's the Right Way to do things, less wasteful and all that.

Depends on how much security you require. Sensitive files may end up in your swap partition or in /tmp or /var for instance. With all partitions encrypted you can be certain that nothing ever touches the disc unencrypted, regardless of bad/unknown program behavior.

[Kano]

Encryption is interesting, but don't think it is unbreakable. Suspend can lead to new attacks:

http://citp.princeton.edu/memory/

Also when the pc is accessable to somebody with a live system the initrd can be modified - as this is not encrytped. And when you do that, you could store the key where you can find it when you come back...

[deanjo]

It would also be interesting to see an AMD thrown into the mix since they smoke the intels on stuff like SSL just to see if it carries over to things like drive encryption.

[R3MF]

trucrypt would make an interesting baseline.