Disk Encryption Tests On Fedora 21

    Phoronix: Disk Encryption Tests On Fedora 21

    If you've been wondering about the impact of enabling full-disk encryption when doing a fresh install of Fedora 21, here's some reference benchmarks comparing the Anaconda option of this latest Fedora Linux release.

  • #2
    The performance impact from using encryption is negligible only on Intel Core i3/i5/i7 CPUs.

    Pentium and Celeron CPUs have hardware accelerated AES instructions disabled (stupid Intel).

    (I'm not talking about AMD here since almost all their CPUs have this feature enabled, but their market share is ... negligible).

    "While there is a small performance overhead in using full-disk encryption for modern systems, I'd still highly recommend using full-disk encryption for any production systems storing sensitive information."
    I'm not sure I agree with this opinion. Encrypted data tend to vanish into thin air if an encryption key is lost.
    Last edited by birdie; 20 January 2015, 12:20 PM.

    • #3
      Originally posted by birdie View Post
      Encrypted data tend to vanish into thin air if an encryption key is lost.
      I'm pretty sure that's the point of it.

      • #4
        Originally posted by phoronix
        While there is a small performance overhead in using full-disk encryption for modern systems, I'd still highly recommend using full-disk encryption for any production systems storing sensitive information.
        I agree that it is a stupid recommendation to make without knowing about the threats for a particular system.

        For instance, full disk encryption will not protect against "Evil Maid" style attacks, where the attacker installs a rigged initramfs which exposes the secret key/passphrase to him.
        Also, besides Intel's decision to fuse off AES-NI on entry-level CPUs, there are downsides to full disk encryption, such as incompatibility with ATA trim. You can enable trim for encrypted volumes, but then they will leak information about which parts are unused to lower layers of the storage, thus negating some of the security gains again.

        Still, it can protect your data in case of theft. Encrypting /home can achieve that as well, and have a less severe impact on performance.
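
The two properties raised in post #4 (whether the CPU exposes AES-NI, and whether an encrypted volume passes TRIM through) can be checked from `/proc/cpuinfo` and `/etc/crypttab`. The script below is an added example, not part of the original thread; the function names are hypothetical and the sample files are constructed so it runs offline.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical;
# the sample files below are constructed so the script runs offline.

# Print "yes" if the first "flags" line lists the AES-NI flag ("aes").
has_aesni() {
    awk '/^flags/ { for (i = 1; i <= NF; i++) if ($i == "aes") found = 1; exit }
         END { print (found ? "yes" : "no") }' "${1:-/proc/cpuinfo}"
}

# Print each crypttab mapping whose options (field 4) include "discard",
# i.e. volumes that pass TRIM through and reveal which blocks are unused.
discard_volumes() {
    awk '/^[ \t]*(#|$)/ { next }
         { n = split($4, opts, ",")
           for (i = 1; i <= n; i++) if (opts[i] == "discard") { print $1; break } }
    ' "${1:-/etc/crypttab}"
}

# Constructed sample inputs (not real machine data).
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/cpuinfo_i5" <<'EOF'
model name : constructed sample with AES-NI
flags : fpu vme sse4_1 sse4_2 popcnt aes xsave avx
EOF
cat > "$SAMPLES/cpuinfo_celeron" <<'EOF'
model name : constructed sample without AES-NI
flags : fpu vme sse4_1 sse4_2 popcnt xsave
EOF
cat > "$SAMPLES/crypttab" <<'EOF'
# name     device                                     keyfile options
luks-root  UUID=00000000-0000-0000-0000-000000000001  none    luks,discard
luks-data  UUID=00000000-0000-0000-0000-000000000002  none    luks
EOF

for f in cpuinfo_i5 cpuinfo_celeron; do
    echo "$f: AES-NI $(has_aesni "$SAMPLES/$f")"
done
echo "TRIM passthrough enabled on: $(discard_volumes "$SAMPLES/crypttab")"
```

Called without arguments, the functions read the live `/proc/cpuinfo` and `/etc/crypttab`.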

        • #5
          when did this site become a fedora marketing front ?

          • #6
            Originally posted by gens View Post
            when did this site become a fedora marketing front ?
            Mmm, it's been a Fedora - whatever_Fedora_has marketing front since... many months?

            • #7
              Every move has its counter, but encryption can be vital in some cases

              Originally posted by chithanh View Post
              I agree that it is a stupid recommendation to make without knowing about the threats for a particular system.

              For instance, full disk encryption will not protect against "Evil Maid" style attacks, where the attacker installs a rigged initramfs which exposes the secret key/passphrase to him.
              Also, besides Intel's decision to fuse off AES-NI on entry-level CPUs, there are downsides to full disk encryption, such as incompatibility with ATA trim. You can enable trim for encrypted volumes, but then they will leak information about which parts are unused to lower layers of the storage, thus negating some of the security gains again.

              Still, it can protect your data in case of theft. Encrypting /home can achieve that as well, and have a less severe impact on performance.
              OK, an encrypted disk may be 20% slower. I've gotten acceptable results with encryption even on a 450 MHz Pentium III, the main impact being that VGA video becomes just slightly too heavy to play back in the obsolete mpeg-4 codec I used to use as a benchmark. Well, when cops or other thieves steal your computer, the speed performance of their attempt to get at your data is literally billions of times slower if you used a strong passphrase. If the passphrase is strong enough and they didn't have the foresight to use a covert entry to install a hardware keylogger, they will be completely defeated.

              If you consider police a threat under any circumstance, you MUST encrypt your disks and also practice safe computing by never committing to disk anything that could send someone to jail and for which there is no operational requirement to do so! The reason for encrypted everything is mostly to prevent files in places like /var/tmp from being recoverable, and prevent system logs from identifying your peripherals used.

              When police capture an encrypted disk, attacks are usually limited to dictionary attacks aimed at common passphrases, if even that. A few years ago, the Secret Service's passphrase recovery system of that time was published by the Washington Post: 60,000 old, probably dual-core office boxes (ALL their office boxes) running dictionary attacks prepended with the target's writing. They would have done better with a dozen quad-GPU boxes, but that would have required spending money on hardware, which unlike higher power bills has to be budgeted for.

              I've said this a million times, but I will say it again: I had a computer with an encrypted data partition (just the data partition) stolen by cops in a 2008 raid on my house (timed to miss me for their protection), but I have evidence from a lawsuit filed by another person raided over the same incident that they were unable to get into it. There is also that well-known case of a corrupt banker whose Truecrypt encrypted disk defeated the FBI, over a year later they were still whining about that disk.

              OK, now let's talk about more substantial opposition from nation-state level law enforcement or well-funded organized crime:

              The "evil maid" software keylogger has not been reported in the wild, probably has only been used in hackers' dorm rooms. That's because to really do a premade evil maid USB drive that a non-hacker can use, you have to know in advance what encryption system (DM-crypt vs Truecrypt, etc) and what OS you are attacking. In-line hardware keyloggers compatible with both desktop and laptop keyboard cable connectors are far more compatible, and when a businessman in China spurned a sex worker's advances and charged back to his hotel room, the MSS had his laptop apart, not running from a bootable USB drive. This also defeats the standard evil maid defense of putting /boot on a USB stick.

              The hardware keylogger also has countermeasures: glue can be used to make the keyboard impossible to remove from a laptop without creating a showy mess. Some have suggested that glitter in glue over crucial joints makes a random pattern that is in fact cryptographically secure. It can be photographed and photos compared to prove tampering. Desktops are the easiest to secure: Use an old, oddball keyboard that is not easily swapped out without being recognised, and glue it together so destruction is required to get inside. Then keep an eye on the cable connection in the back, and never use inline adapters as they are too easily replaced with malicious ones.

              There is a witch-hunt going on right now in Europe that shows signs of spreading, now is a good time to really step up the use of encrypted filesystems and encrypted communications. The more people use them, the harder it will be to attempt to ban them, and the harder it will be to attempt to crack them due to the effort being spread across more targets.

              • #8
                One more point: avoid wireless keyboards with encryption

                (cannot edit after 5 min)
                Possibly the worst mistake you can make with encryption is a one word passphrase, but second to that is to use a wireless keyboard instead of USB or PS2. An unencrypted wireless keyboard would permit direct passphrase keylogging with nothing more than another of the adapters for it plugged into a tablet outside or left under a newspaper near your door. This does require your opponent to guess the brand you are using, perhaps by credit card or store discount card records. An encrypted wireless keyboard reduces your encryption security to that of a commercial encryption product legal to sell in your country. That should be presumed to mean weak keys law enforcement can crack or have the manufacturer crack for them.

                I guess we can call this the "evil neighbor" attack, as it does not require access to your computer room at all.

                • #9
                  Originally posted by chithanh View Post
                  I agree that it is a stupid recommendation to make without knowing about the threats for a particular system.

                  For instance, full disk encryption will not protect against "Evil Maid" style attacks, where the attacker installs a rigged initramfs which exposes the secret key/passphrase to him.
                  Also, besides Intel's decision to fuse off AES-NI on entry-level CPUs, there are downsides to full disk encryption, such as incompatibility with ATA trim. You can enable trim for encrypted volumes, but then they will leak information about which parts are unused to lower layers of the storage, thus negating some of the security gains again.
                  Unfortunately, there is nothing that Fedora can do to prevent evil maid attacks. If that is a serious concern, you're not basing decisions on reading benchmarks, or trusting the "encrypt my disk" checkbox in an installer. You've done serious homework, and assembled your own hardened system. You're also probably not even running on commodity hardware with expresscard, firewire, thunderbolt, etc. You're well outside the target audience for install-time encryption via checkbox.

                  Originally posted by chithanh View Post
                  Still, it can protect your data in case of theft.
                  This is honestly, by far, the most likely case. For all the arguments that a well-coordinated police or spy agency can trivially defeat your protection with enough effort and preparation, it's ignoring the fact that the crackhead that broke into my car and grabbed my laptop can't. And which of those is more likely? There's a very good chance that he'd be helpless with a Linux system, regardless of encryption, sure. But with encryption, even if he pawned the machine to somebody who was capable (and motivated) to look for credit card numbers, bank logins, etc., they'd be SOL. That's even allowing trim passthrough.

                  I'm not saying there are not folks with different security concerns, but this article honestly isn't for them. It's for Joe Users who want a bit more security, but don't want to sacrifice user experience. If you need absolute security, you're already sacrificing user experience, and who gives a shit about benchmarks at that point.

                  Originally posted by chithanh View Post
                  Encrypting /home can achieve that as well, and have a less severe impact on performance.
                  Fedora actually encrypts an entire lvm pv, then makes volumes for /, /home, /whatever volumes together. Not encrypting your root would actually be more effort and less flexible.

                  The performance impact of not encrypting / is insignificant. Except for booting and launching programs, little IO is done on /, and that which is (log files, etc) has no performance requirements. If you're actually doing any significant data work, it's probably in /home (or on another partition you've decided to encrypt), which again negates the benefit of avoiding /.

                  • #10
                    Originally posted by ChrisIrwin View Post
                    Fedora actually encrypts an entire lvm pv, then makes volumes for /, /home, /whatever volumes together. Not encrypting your root would actually be more effort and less flexible.

                    The performance impact of not encrypting / is insignificant. Except for booting and launching programs, little IO is done on /, and that which is (log files, etc) has no performance requirements. If you're actually doing any significant data work, it's probably in /home (or on another partition you've decided to encrypt), which again negates the benefit of avoiding /.
                    Depends on the kind of "data work" you are doing. The point is, of course, that you gain no security by encrypting things that are absolutely freely available, like all the things in /lib[64] or /usr. Such things tend to include all the programs you run, that can take a significant bit of I/O to load up.
