Reply With QuoteSandy Bridge has an integrated AES encryption engine so that full disk encryption will have no effect on CPU utilization. I am surprised that you did not do CPU utilization benchmarks to measure that.
Phoronix News Bot
Ubuntu 11.10 Home Encryption Performance
Phoronix: Ubuntu 11.10 Home Encryption Performance
With more and more of one's personal and professional lives being on the computer, encrypting and properly securing those computers -- particularly mobile devices -- is incredibly important. Sadly, it's not often thought about until it's too late. It has become relatively easy to protect your personal data on Ubuntu Linux with home directory encryption support being just a checkbox-away within the installer or even full-disk LVM encryption when using Ubuntu's alternate installer. Previous tests of Ubuntu disk encryption performance have shown there is some penalty in disk-centric workloads, but the benefits are certainly worth it. In this article is a look at the Ubuntu home encryption performance under Ubuntu 11.10 with both old and new laptops.
http://www.phoronix.com/vr.php?view=16424
Senior Member
Sandy Bridge has an integrated AES encryption engine so that full disk encryption will have no effect on CPU utilization. I am surprised that you did not do CPU utilization benchmarks to measure that.
Senior Member
First thing that comes to mind is: pretty sure there's only support for that in recent gcc versions, and even then the Ubuntu binaries need to have support.Originally Posted by Shining Arcanine
Second thing that comes to mind is: there will be some effect. It may only be very small, but there will be some effect.
Junior Member
AFAIK you only need a new enough kernel with the AES* modules? The binaries have nothing to do with it, the AES encryption acceleration comes from the Intel CPU in combination with the kernel modules. No?
Senior Member
Yes, you're right, my bad. I think it's still a little too new for considering in the benchmark though.
Junior Member
The bottleneck is elsewhere: https://bugs.launchpad.net/ubuntu/+s...ls/+bug/654764
I was never worried by an additional CPU overhead, but also never imagined my disk will work 10x slower with encrypted home...
Last edited by krzta; 09-14-2011 at 01:52 PM.
Senior Member
one or two graphs showing CPU load differences in general should be important. Disk-performance is one thing, CPU load is the other bit of the 'cost'. My laptop is a 2.1Ghz pentium-m based bit, and would be quite interesting in how much CPU load I should expect from encrypted home.
Junior Member
Yes, they are 2 different things. You just won't notice CPU overhead, while the disk one, especially if you're moving a lot of files (eg. backups, movies etc.) will bite you pretty hard. Mostly frustrating if you have a top notch ssd.
Junior Member
How about netbooks / atom?
It would be interesting to see these same benchmarks run on netbook class hardware. Before I replaced it, I would only encrypt my home directory on my EEE 1000HE, and even moved my development projects outside my home directory to avoid the penalty. If a core 2 duo shows a worst case 15% degradation, I was probably right to do so -- that's about a 5x faster CPU than an Atom.
Junior Member
Hardware Acceleration benchmarks
I too would be interested to hear:
- If hardware acceleration (AES-NI) was enabled and active for the Sandy Bridge processor benchmarks.
- What the CPU load was on the respective systems during the tests.
I've used encrypted home on Ubuntu since it became available. I have a Vertex2 SSD, but data transfers within home are limited to around 20 - 25 MB/sec, which maxes out one CPU core (Core2 Duo P8600). I don't so mind the slow speed so much as apps etc. still start lightning fast (only home is encrypted), but the fact that the CPU burns from simple copy operations is annoying, and it would be great if that work could be offloaded in my next machine.
More info about AES-NI can be found at Tom's Hardware, but no Linux benchmarks sadly.
Posting Permissions