How much will full-disk encryption slow down a netbook?

16

7

I've been comfortable using TrueCrypt volumes to protect various sets of files on my computers. But I've gathered there can be more convenience and security to be had by encrypting the full hard disk, since everything will be encrypted.

I purchased a netbook recently (an Acer Aspire One), and wonder how much of an impact an always-on encryption process will have. The netbook has a somewhat slow processor, but runs acceptably as it is. Visual Studio is usable, an important criterion.

On any decent machine, with faster, and multiple, processors, this is likely a minor issue. But given the slower processors in netbooks, will full-disk encryption with TrueCrypt have any serious effect?

Grant Palin

Posted 2010-10-29T04:31:55.103

Reputation: 1 102

Answers

12

according to http://www.ghacks.net/2009/11/26/bitlocker-versus-true-crypt-performance/ you will experience somewhere between 20% and 30% slowdown.

according to http://technet.microsoft.com/de-de/library/ee449438(WS.10).aspx#BKMK_Performance you will experience less than 10% slowdown.

(bitlocker and truecrypt put a similar workload on the system)

the truth will be more towards the 20% penalty.

akira

Posted 2010-10-29T04:31:55.103

Reputation: 52 754

this seems about right. In my experience it's been about 12-15%, give or take a bit. It's a lot less noticeable than you'd expect, but that was on laptops. I assume the netbook uses normal(ish) drive types and speeds, so it should be fine. – Sirex – 2010-10-29T07:00:23.337

i am currently using a thinkpad t60 with a shiny ssd and it's ok for me. i mean, i do the encryption for other reasons than speed anyway :) – akira – 2010-10-29T07:07:02.173

1/4 is a decent estimate. It really ends up depending on the speed of the disk, the processor speed and the I/O patterns... – Goyuix – 2010-11-02T17:04:59.407

2

The performance hit is not noticeable. I clocked the compilation of 310,00 lines of C++ from 700 source files which produces over 150 MB of output. I did a clean build 5 times in a row on a non-encrypted drive, encrypted the drive with TrueCrypt, and did again a clean build 5 more times. I was unable to notice any difference on my notebook. My notebook does not have the AES-NI instructions, so if your notebook is recent, the encryption will be about 10 times faster. A friend of mine has a notebook where the processor supports the AES-NI instructions, and gets a benchmark of 2.5 GB per second for encryption and decryption speed.

Daniel Morin

Posted 2010-10-29T04:31:55.103

Reputation: 21

1 Be wary of benchmarks that don't actually measure the thing you're looking for. Neither of these anecdotes measures the IO throughput to disk. – Oli – 2017-03-07T08:18:26.387

1

Running Truecrypt on a Netbook will pose a few interesting issues. First, if you are using TrueCrypt to encrypt the entire system drive, then you will likely notice some slowness as other folks have noted. This is especially going to be true if you have an SSD. (It's not that encrypting/decrypting from an SSD is slower than it is from an HD, but just that an SSD is a lot faster than an HD, so the relative slowdown is much greater for an SSD.)

To get an idea of how fast you will be able to read/write an HD encrypted with Truecrypt, you can run a benchmark from within the Truecrypt program. The value you get from this benchmark will tell you the most throughput you can expect when reading your drive. Average throughput will likely be somewhat slower than this, as your CPU will usually be doing more things than just encrypting/decrypting.

There is, however, another thing to consider when running Truecrypt on SSDs. In order to extend their lives, manufacturers use a technology known as wear leveling (https://secure.wikimedia.org/wikipedia/en/wiki/Wear_leveling). Since you can only rewrite each memory cell on an SSD drive a certain number of times before it wears out, drive manufacturers spread writes out over the drive. This way, if there is a particular file that you modify frequently, the portion of the drive that holds that file won't wear out, because the drive will move that file to a new location each time it's rewritten.

However, when you tell Truecrypt to encrypt the entire drive, it encrypts the entire drive. This includes all the data on the drive, and all of the empty space. If the drive is an SSD, when you write to the drive, the SSD has no choice but to save files where they were, because as far as it's concerned, the drive is full. So, the wear leveling feature can't work, and you are likely to start to lose portions of your drive much faster than if it wasn't encrypted.

Good luck. Figuring out how to use Truecrypt on a Netbook can be a challenge.

Aaron

Posted 2010-10-29T04:31:55.103

Reputation: 111

a) yes, ssd might lose more % of speed (if the problem is really io and not the cpu) but it's still faster than a normal disc and for sure faster with encryption. b) SSD keep sectors back to accomplish wear-leveling, it reports X to the user while it has X+Y sectors. c) yes, the initial encryption will write to every block of the disk. since bitlocker / truecrypt use block-ciphers only used blocks will be written, just as in non-encrypted mode. – akira – 2010-11-02T21:37:55.337

Hi. On a Netbook, unless you get one with a dual core, encryption/decryption is likely to be slower – Aaron – 2010-11-02T22:33:50.787

A. On a netbook, unless you get one with a dual core, encryption/decryption is likely to be slower than writes and possibly reads to the drive, so the bottleneck is almost certainly the CPU and not the type of drive.

B. I did not know that wear leveling drives would hold some capacity back. In any case, you are correct that Truecrypt only writes the blocks of the drive that are modified, but when the drive is initially encrypted, Truecrypt encrypts the entire drive, even the blank spots. If this were not the case, Truecrypt would leak information. – Aaron – 2010-11-02T22:56:59.010

So, even though SSD drives may hold some portions of the drive back, the wear leveling won't be as effective, hence the drive will likely wear out faster. – Aaron – 2010-11-02T22:59:41.143

@Aaron: a) you compare different kinds of stuff. ssd + crypt is faster than rotating discs + crypt, agreed? it is obvious that no-crypt + whatever is faster than crypt+whatever. c) the wear leveling is the same with crypto enabled or not, since ssd writes data in BLOCKS anyway. it marks BLOCKS as bad or ok, it rotates BLOCKS in order to keep the lifetime per block up. if you change only a bit in a block or the whole block is irrelevant, imho. so, except for the initial "write to all sectors" there is no difference regarding the wear leveling between (block) crypted files or plain files. – akira – 2010-11-17T16:58:11.050

A. I don't think you can say that SSD+crypto is faster than HDD+crypto without qualification. If the CPU is saturated with an HDD, then it will definitely be saturated with an SSD. – Aaron – 2011-01-05T20:50:50.210

C. Consider, you have an SSD with 108 physical blocks. The drive gives 100 to the user, and keeps 8 in reserve for wear-leveling. If you use the drive with no encryption, and you only use 50% max of the drive, then you have 58 blocks to use for wear-leveling. However, if you encrypt the drive, you will use 100 blocks, leaving you only 8 for wear-leveling, no matter how much data you put on the drive. The reason is that TC encrypts the entire partition, no matter how much you're using. This, then, causes the SSD to consider all those blocks used, whether they actually are or not. – Aaron – 2011-01-05T21:04:40.860

@Aaron: a) i mentioned the cpu being the bottleneck in my first comment. if the cpu throttles everything then there is no point in worrying about the storage, is there? and it is also obvious that "if the cpu slows down the slower medium, it will also slow down the faster medium". c) a ssd can write multiple times to one block, not only once. yes, you write ONCE to every block but that's all you waste. 1 write cycle. read http://www.storagesearch.com/ssdmyths-endurance.html, normally you can write 100000 times to a single block. 1 vs 100000... – akira – 2011-01-19T23:50:41.687

Not quite true. As pointed out by others, FDE is still per sector: If the OS writes 10 sectors, the FDE will transparently encrypt them, but it will still write 10 sectors. Thus wear-leveling is unaffected. – sleske – 2011-02-16T11:38:26.733

Some FDE packages can wipe the drive (filling it with random data) before creating the encrypted volume. That may cause problems with an SSD (because it means the whole drive is considered "full" by the SSD), but that initial wipe is not necessary for FDE. – sleske – 2011-02-16T11:41:54.640

0

To tell the truth, what impacts your performance with full disk encryption is the amount of RAM you have on your Netbook. You'll feel like using a slower hard disk, just that. It is not bad, I am able to run some games and even MMORPGs on my netbook. But common usage is not heavy I/O operations in such small computers.

BUT, you need a swap file to cope with the small RAM and you'll notice a heavy impact if you need enough memory at the same time, like using a client for your email or using multiple tabs on your web browser. Because every time your computer needs more virtual memory it is going to read/write on your disk. An alternative would be to use an unencrypted partition and place the swap there or use a USB or SD for ReadyBoost technology.

Anyway 2 GB of RAM and full disk encryption works for me. It is slow but pretty usable. I can perform ftp backups, run games, use multiple chat clients, thunderbird and two web browsers and a swiss army knife of small tools running in the background.

I tested both Windows with Truecrypt and Linux with LUKS, both with graphics acceleration... and to be sincere I see the impact of antivirus heavier than the encryption. Linux was smoother than Windows.

One recommendation for Truecrypt: if you are planning to buy a Netbook and full disk encryption is a need for you, try to find one with the AES instruction set on the CPU. If not then run a benchmark and use the best algorithm from the list. I see that AES is not the best on Atom CPUs.

One recommendation for LUKS: use multiple encrypted partitions to spawn more than one thread and use one of them for swap. In some old implementations and for previous kernels LUKS is not using multiple cores or threads of your CPU, becoming a bottleneck on your system. (But that affects not only Netbooks but all computers)

cablop

Posted 2010-10-29T04:31:55.103

Reputation: 179
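
Added example, not part of any answer above: a shell script for the check the answers recommend (look for AES instructions, run the cipher benchmark, use the fastest algorithm), followed by a comparison of that figure with disk throughput to see which side limits sequential I/O. It assumes Linux, the `aes` flag in `/proc/cpuinfo` and the table layout printed by `cryptsetup benchmark`; the function names, the sample figures and the throughput model are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Sample data below is constructed.

# Constructed /proc/cpuinfo flags line for a CPU without AES instructions.
SAMPLE_CPUINFO='flags : fpu tsc msr pae cx8 sse sse2 ssse3 movbe lahf_lm'

# Constructed text in the table layout that `cryptsetup benchmark` prints.
SAMPLE_BENCH='#     Algorithm |       Key |      Encryption |      Decryption
        aes-cbc        128b         45.1 MiB/s        48.3 MiB/s
    twofish-cbc        128b         52.7 MiB/s        55.9 MiB/s
        aes-xts        256b         47.8 MiB/s        47.2 MiB/s
    serpent-xts        256b         31.5 MiB/s        32.4 MiB/s
    twofish-xts        256b         54.0 MiB/s        54.6 MiB/s
        aes-xts        512b         36.9 MiB/s        36.4 MiB/s'

# Succeeds if the cpuinfo text on stdin lists the "aes" CPU flag.
has_aes_flag() {
    grep -m1 '^flags' | tr ' \t' '\n\n' | grep -qx 'aes'
}

# Prints "<cipher> <key> <MiB/s>" for the XTS row whose slower direction is fastest.
best_xts_cipher() {
    awk '$1 ~ /-xts$/ && $4 == "MiB/s" {
             enc = $3 + 0; dec = $5 + 0
             slow = (enc < dec) ? enc : dec
             if (slow > best) { best = slow; name = $1; key = $2 }
         }
         END { if (name != "") printf "%s %s %.1f\n", name, key, best }'
}

# bottleneck CIPHER_MIBS DISK_MIBS
# Simplified model (assumption): encryption overlaps with I/O and the CPU is
# otherwise idle, so sequential throughput is capped by the slower side.
# Prints "<limiting side> <estimated slowdown in percent>".
bottleneck() {
    awk -v c="$1" -v d="$2" 'BEGIN {
        if (c >= d) { print "disk 0"; exit }
        printf "cpu %.0f\n", (1 - c / d) * 100
    }'
}

# Demo on the constructed data; on a real Linux machine feed in
# /proc/cpuinfo and the output of `cryptsetup benchmark` instead.
if printf '%s\n' "$SAMPLE_CPUINFO" | has_aes_flag; then echo "AES flag: yes"; else echo "AES flag: no"; fi
best=$(printf '%s\n' "$SAMPLE_BENCH" | best_xts_cipher)
echo "fastest XTS cipher: $best"
rate=${best##* }
echo "vs 90 MiB/s disk (constructed HDD figure):  $(bottleneck "$rate" 90)"
echo "vs 250 MiB/s disk (constructed SSD figure): $(bottleneck "$rate" 250)"
```

The benchmark runs in memory only, so the figure it reports is a ceiling; real throughput under load will be lower, and only a measurement of the encrypted disk itself shows the actual I/O cost.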