Simple BDE disc encryption benchmark
Poul-Henning Kamp
phk at phk.freebsd.dk
Mon Aug 9 02:55:50 PDT 2004
In message <411746EB.5030006 at portaone.com>, Maxim Sobolev writes:
>> The only time the CPU was completely busy was when copying /bigfiles from
>> encrypted to encrypted.
>>
>> My question is: Why does the it take so much longer when encryption is
>> involved even though 'top' seems to think there are CPU cycles left to burn?
>
>The problem (well, not quite "the problem" since it is design decision)
>is that GBDE tries to rearrange sectors in pseudo-random fashion to make
>cryptoanalysis harder. Usually filesystem tries to place all sectors
>that belong to the same file consequently, to avoid expensive disk
>seeks. But on encrypted disk logically ajaced sectors are physically
>spread, so that reading them introduces seek delays.
Uhm, this is not quite correct.
It is true that I played around with pseudo-random sector mapping a
fair bit, but since it _totally_ killed performance I dropped it
again.
The mapping GBDE performs is sequential with inserted key sectors,
this was the most performance friendly layout I could come up with.
Poul-Henning
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
More information about the freebsd-current
mailing list