Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 22

Thread: Ubuntu 9.04 Home Encryption Performance

  1. #11
    Join Date
    May 2008
    Posts
    598

    Default

    Quote Originally Posted by december View Post
    This really should be off-loaded to hardware. Didn't VIA have some crypto built-in on some of their EPIA boards? It can't be that expensive to put a basic AES cypher chip somewhere in a motherboard's SATA controller section. All that is needed, is for some of the major motherboard manufacturers and chipset makers to sit together and come up with something resembling a unified interface.
    They have. See second post here

  2. #12
    Join Date
    Sep 2007
    Posts
    122

    Default

    VIA's processors, starting with a certain C3 stepping, support AES in hardware. It is very fast, but somewhat limited. E.g. no fast XTS acceleration.
    Last edited by greg; 12-07-2008 at 07:47 PM.

  3. #13
    Join Date
    May 2008
    Posts
    598

    Default

    I wonder if a GPU could be used for AES?

  4. #14
    Join Date
    Oct 2008
    Posts
    4

    Default

    Re: eCryptfs vs LUKS

    LUKS is block device encryption (e.g. /dev/sda1)
    ecryptfs is file level encryption (e.g. /home/user/Private/). You mount a folder, and every file created in that folder will be encrypted individually. If you umount the ecryptfs folder, you will still see the files, but the contents will be garbled.

    There are several advantages to this approach, but the main one is that the home directory for each user can be encrypted with a different key.
    With LUKS, it is only possible to encrypt the home partition, or with more work, create an encrypted partition for each user (with fixed size, less flexibility).

    AFAIK, ecryptfs is available on Fedora as well.

  5. #15
    Join Date
    Jul 2008
    Posts
    565

    Default

    It really didn't mention game performance but of course that will be largely unaffected, especially if your games are installed to /opt or other places outside your home dir. Wine games might suffer some though depending on how I/O intensive they are.

  6. #16
    Join Date
    May 2007
    Location
    Third Rock from the Sun
    Posts
    6,532

    Default

    Quote Originally Posted by Louise View Post
    I wonder if a GPU could be used for AES?
    Yes it is possible.

    http://www.manavski.com/downloads/PID505889.pdf

    There also have been talk of nvidia opening access up the AES engine found on the GF 8 + to the Cuda toolkit.

    Aso if you own the book GPU Gems 3 there is a dedicated chapter to this subject.
    Last edited by deanjo; 12-08-2008 at 01:12 AM.

  7. #17
    Join Date
    Mar 2008
    Location
    40N 105W
    Posts
    45

    Default

    I'd like to see how encryption runs on SCSI. I'm tired of the inconsistent performance with desktop controllers.

    Encryption would be really cool, but getting locked out of your data is unacceptable.

  8. #18
    Join Date
    May 2007
    Location
    Third Rock from the Sun
    Posts
    6,532

    Default

    Quote Originally Posted by WSmart View Post
    I'd like to see how encryption runs on SCSI. I'm tired of the inconsistent performance with desktop controllers.

    Encryption would be really cool, but getting locked out of your data is unacceptable.
    That would apply to a very small amount of the community. If your running scsi's chances are your running servers in a corporate environment and you should have alot more security measures in place then just encrypting the drive.

  9. #19
    Join Date
    May 2008
    Posts
    598

    Default

    Quote Originally Posted by deanjo View Post
    Yes it is possible.

    http://www.manavski.com/downloads/PID505889.pdf

    There also have been talk of nvidia opening access up the AES engine found on the GF 8 + to the Cuda toolkit.

    Aso if you own the book GPU Gems 3 there is a dedicated chapter to this subject.
    Cool! Is it a nVidia feature only, or could the same be done for ATi?

  10. #20
    Join Date
    May 2008
    Posts
    598

    Default

    Quote Originally Posted by jamei View Post
    Re: eCryptfs vs LUKS

    LUKS is block device encryption (e.g. /dev/sda1)
    ecryptfs is file level encryption (e.g. /home/user/Private/). You mount a folder, and every file created in that folder will be encrypted individually. If you umount the ecryptfs folder, you will still see the files, but the contents will be garbled.

    There are several advantages to this approach, but the main one is that the home directory for each user can be encrypted with a different key.
    With LUKS, it is only possible to encrypt the home partition, or with more work, create an encrypted partition for each user (with fixed size, less flexibility).

    AFAIK, ecryptfs is available on Fedora as well.
    Thanks for clearing that out

    I like no one can see what files I have, so I say with LUKS

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •