3
My intuition says that this should serve no benefit. However I just clean installed windows 10 pro and all of my non-system files are compressed. I'm getting almost 50% compression on my ssd.
If they are encrypted, how could this be possible?
Am I correct in thinking there shouldn't be any benefit, eventhough it looks like there is?
Gabriel Fair
Posted 2018-03-17T20:27:04.827
Reputation: 2 070
5
I think I understand your logic, but the order of things is important...
After encryption encrypted files look like if they are containing random data. And random data doesn't compress well.
So storing already encrypted files in a compressed-archive format (like ZIP, RAR or 7Z) doesn't yield much benefit in terms of compression ratio. Storage space may actually increase instead of decrease.
But here you have things the other way around:
Files are compressed first (at the NTFS level, before actually saving them) to make them smaller.
Then these compressed files are stored on a disk with full-disk encryption.
The encryption process doesn't know (or care) what it is encrypting. To BitLocker, which operates at the block-level below the filesystem, it is all just blocks of data and the content is irrelevant. The encrypted block while be exactly the same size as the original un-encrypted block, just the content will be scrambled.
So you get the space-saving of the compression and the encryption and they don't affect each other.
Tonny
Posted 2018-03-17T20:27:04.827
Reputation: 19 919
How much does it differ speedwise? Is there a noticable decrease in speed? – LPChip – 2018-03-17T22:17:21.873
In that case it makes no difference....I got lost here. I know the answer is "compression first, then encryption makes saving space possible," and I think you're saying that, but given that I can't figure out what you're saying makes no difference. – I say Reinstate Monica – 2018-03-18T03:48:28.977
@LPChip For modern Core-I or AMD systems (basically most stuff after 2012) Bitlocker can make use of highly optimized special CPU instructions. Slowdown from Bitlock isn't really noticable in my experience. (Real-time antivirus or AppLocker is more noticable.) NTFS compression while reading is not noticable. On writes it may show varying on file-content. (Files that don't compress well, but NTFS tries it anyway,) It isn't really an issue in practice unless you attempt to do a bulk (un)compress of a large folder/file-tree. – Tonny – 2018-03-18T11:54:33.440
@TwistyImpersonator I may have worded that a bit badly. In retrospect it doesn't read all that clearly. I will edit my answer to further clarify. – Tonny – 2018-03-18T11:56:43.850
2
If your dataset will benefit from compression then using NTFS compression will still provide that benefit, because of the order data is written in.
If you think about this as acting at different layers, it may be clear why.
Data to Be Saved -> NTFS Compressed Filesystem -> Bitlocker Encryption -> Disk
Because (when writing) the NTFS Compression is taking place before Bitlocker encryption, the files will indeed be smaller.
To clarify, although encryption may look pretty much random on a raw disk, by the time it is written on, Bitlocker is decrypted it, so the data does not look random to the OS, and thus it can benefit from encryption.
davidgo
Posted 2018-03-17T20:27:04.827
Reputation: 49 152
Instead of -> arrows, I thought that making an ASCII-style "drawing" of the layers one above another, with the physical disk at the bottom, might be more intuitive in a user-to-disk top-down view (but I couldn't get it to look better than each layer on a new line). Something like this but it's missing the filesystem compression
When you boot into Windows files are not encrypted, but compression can still be implemented, on top of encryption. Encryption and compression are not mutually exclusive – Ramhound – 2018-03-17T20:31:56.820
Ah, so the files are encrypted after NTFS compression before writing to disk? And not compressed after encryption, as that would corrupt the files? – Gabriel Fair – 2018-03-17T20:36:28.527
Files are compressed then encrypted. Data is data, type of compression used by NTFS would be lossless – Ramhound – 2018-03-18T03:07:27.590