Ertugrul =?UTF-8?B?U8O2eWxlbWV6?= <es DeleteThis @ertes.de> wrote in
news:20090209024736.22353d9e@ertes.de:
> buck <buck DeleteThis @private.mil> wrote:
>
>> Where is an understandable and recent web page (or NG cite, Etc.)
>> that provides encryption method and speed information? In
>> particular, I want to create an encrypted file and loop mount it.
>> DM-Crypt kills performance (I have benchmarks to prove that!), so I
>> want an alternate _FAST_ but reasonably secure method.
>
> If dm-crypt kills your performance, then probably you have an old or
> improperly configured kernel. While configuring, you can select to
> enable cipher implementations, which are optimized for your particular
> architecture. The implementations from the Linux kernel are already
> quite fast.
DM-Crypt defaults to AES mode cbc-essiv:sha256, which was compiled for
kernel 2.6.24.5_smp (Slackware 12.1 then, 12.2 now). How much more can
one optimize? My benchmark files have long since been deleted, but
encryption, because it uses only one CPU, was definitely a problem. I
found this, which clearly demonstrates my assertion that encryption is
the bottleneck:
http://tynne.de/linux-crypto-speed
which indicates aes586 module - which will have to be located because it
isn't a module on my machine. There is no date on the page, but the
kernel version isn't horribly old (2.6.21.4).
> Greets,
> Ertugrul.
Wikipedia lists so many algorithms that it takes 4 lines of text to
display them all.
Thanks,
buck
FAQ
Search
Profile
Private Messages
Log in
Linux