[LAU] encryption and performance penalty

David Christensen dpchrist at holgerdanske.com
Thu Nov 13 22:42:20 UTC 2014

Previous message: [LAU] encryption and performance penalty
Next message: [LAU] encryption and performance penalty
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11/13/2014 02:31 AM, Atte wrote:
> I'm thinking about protecting my data with encryption. I know it's a
> complex matter, and very hard (impossible?) to make a system 100%
> protected. And I must admit I don't fully understand the technical
> workings of the various available tools, but I found
> https://wiki.archlinux.org/index.php/disk_encryption.
> Now I'm wondering:
> 1) Can anyone share hands-on experience with a particular strategy, why
> did you choose that particular tool, is it easy to setup and work with
> in every-day use?
> 2) Most importantly: How will the various methods affect my systems
> ability to perform under realtime conditions (jack) including
> reading/writing files from a DAW?
> NB: I'm running debian stable, if it matters...

LUKS, dm-crypt, and the Debian installer make partition-based drive 
encryption easy:

     https://en.wikipedia.org/wiki/Dm-crypt

Intel added AES-NI to their CPU's a few years ago, which helps with 
encrypted drive performance (and is supported by Wheezy):

     https://en.wikipedia.org/wiki/AES_instruction_set

STFW for benchmarks, I've seen anywhere from 2x to 10x improvement in 
encrypted disk performance without AES-NI vs. with AES-NI.  It's hard to 
isolate -- there are many other significant factors in real systems 
doing real work.

My subjective experience with SOHO desktops and servers with respect to 
drives is that going from HDD to SSD has the most dramatic impact on 
performance.  dm-crypt encryption causes a noticeable slow-down on older 
machines without AES-NI when launching applications or doing bulk 
transfers (half speed?), but it's not a deal-breaker.  My Core i7-2600S 
system with AES-NI, 8 GB RAM, and encrypted SSD is so much quicker than 
everything else that I don't notice.  I've done some light music work on 
both kinds of machines, and haven't encountered any problems due to 
encrypted drive performance.

I suggest that you get yourself a newer SSD and give it a try.  :-)

HTH,

David

p.s. The old-fashioned trick of increasing RAM to improve performance is 
just as valid today as it ever was.  How much RAM do you have in your 
machine, what is it's capacity, and how much RAM and swap are in use 
when you are doing your heaviest music work?

Previous message: [LAU] encryption and performance penalty
Next message: [LAU] encryption and performance penalty
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Linux-audio-user mailing list