Encrypted SSD health

4

1

SSDs require specific maintenance by the OS, such as the TRIM function. Can full hard drive encryption or partition encryption using programs such as TrueCrypt negatively affect an SSD drive?

Jonathan

Posted 2011-03-09T15:06:02.587

Reputation: 3 371

Answers

7

It depends on the FDE (full disk encryption) software. In the case of TrueCrypt, yes, it affects it, and very much. In this case the disk looks to the system as if it is full of data, and TRIM has no effect. But if you're using BitLocker FDE (included in Windows 7), there is no problem at all; it is fully compatible with SSDs. This is a quote from the Microsoft SSD FAQ:

Is Bitlocker’s encryption process optimized to work on SSDs?

Yes, on NTFS. When Bitlocker is first configured on a partition, the entire partition is read, encrypted and written back out. As this is done, the NTFS file system will issue Trim commands to help the SSD optimize its behavior.

We do encourage users concerned about their data privacy and protection to enable Bitlocker on their drives, including SSDs.

Also, according to my own tests (and I asked their support and they confirmed it too), Jetico BestCrypt Volume Encryption is also compatible with SSDs and TRIM (this is due to its different software architecture from TrueCrypt, so when a BestCrypt encrypted drive is attached, Windows sees it as a usual drive, so TRIM must work).

AYA

Posted 2011-03-09T15:06:02.587

Reputation: 104

TrueCrypt supports TRIM. – user1686 – 2011-03-22T06:13:15.010

1 TrueCrypt supports TRIM only on system encrypted partitions, as said on their page. But it is unclear whether it supports TRIM on non-system FDE drives :( – AYA – 2011-04-20T14:49:45.287

5

All full disk encryption (FDE) systems will suffer from information leakage when used on an SSD that features TRIM support. This includes TrueCrypt, and it is a separate concern to the performance of the drive. The reason is that using TRIM reveals which areas of the disk are used to store actual data, and which are for "free space".

These FDE systems will usually first fill the disk with random data, before starting to write encrypted filesystem data. The reason is that if the disk is zeroed first, then after it has been formatted, it is blindingly obvious which blocks have been used to store the encrypted filesystem data.

TRIM reveals basically the same information. Some SSDs will zero out TRIMmed blocks, which means that the situation is reduced to exactly the same as using FDE on a zeroed drive.

In the case of TrueCrypt, knowing which blocks are used and which are free can also affect the plausible deniability offered by hidden volumes. There is more TrueCrypt information at http://www.truecrypt.org/docs/?s=trim-operation

This is all a bit of a bother, since using an SSD without TRIM will quickly lead to performance degradation, thereby negating the whole point of using the SSD in the first place... I'm still not sure what the best solution is (or if one even exists).

devkev

Posted 2011-03-09T15:06:02.587

Reputation: 53

+1 for knowing so much about it, even if it is unrelated to the question :) – Jonathan – 2011-06-04T20:38:23.770

+1 @devkev for the knowledge. However, even with TRIM and the fact that knowing which blocks are free or not, one still gets a decent level of privacy protection should the PC fall into the wrong hands - far better than none at all. – therobyouknow – 2012-08-27T11:41:52.530
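The leak described in devkev's answer above, as an added example that is not part of the original thread: it compares what the raw device shows for a randomly pre-filled volume without TRIM and for the same volume with TRIM passed through. The 4096-byte block size, the drive returning zeroes for trimmed blocks, the sample layout and all function names are assumptions made for the illustration.

```python
import os

BLOCK = 4096  # assumed block size for this illustration


def build_image(total_blocks, used_blocks, trimmed):
    """Constructed sample: an encrypted volume as read back from the raw device.

    Blocks holding filesystem data are ciphertext (random-looking). Free blocks
    are either the initial random fill (no TRIM) or zeroes (TRIM passed through
    to a drive that returns zeroes for trimmed blocks).
    """
    out = bytearray()
    for i in range(total_blocks):
        if i in used_blocks or not trimmed:
            out += os.urandom(BLOCK)
        else:
            out += bytes(BLOCK)
    return bytes(out)


def allocation_map(image):
    """True for every block that is not all zeroes, i.e. visibly in use."""
    zero = bytes(BLOCK)
    return [image[o:o + BLOCK] != zero for o in range(0, len(image), BLOCK)]


def used_extents(alloc):
    """Collapse the map into (first_block, block_count) runs of used blocks."""
    extents, start = [], None
    for i, used in enumerate(alloc + [False]):
        if used and start is None:
            start = i
        elif not used and start is not None:
            extents.append((start, i - start))
            start = None
    return extents


def leakage_report(image):
    """Summarise what an observer of the raw device learns without any key."""
    alloc = allocation_map(image)
    return {"blocks": len(alloc), "visibly_used": sum(alloc),
            "extents": used_extents(alloc)}


if __name__ == "__main__":
    used = set(range(0, 4)) | set(range(20, 23)) | {40}  # constructed layout
    for trimmed in (False, True):
        print("TRIM" if trimmed else "no TRIM",
              leakage_report(build_image(64, used, trimmed)))
```

Without TRIM the whole device is one indistinguishable extent; with TRIM the extents of the filesystem data are readable from the raw blocks, although their contents stay encrypted.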

3

The encryption naturally adds overhead, which will lower the speed of reads and writes just like on a platter drive. It shouldn't negatively impact the lifespan of the drive unless it's an encryption scheme which requires a lot of additional writes, or the particular sorts of data patterns that are getting written are a lot more susceptible to write amplification on your particular drive (which is awfully unlikely and basically impossible to know ahead of time).

Most brand-new drives are actually using controller-based garbage collection, etc; this all is happening way below the OS level so it should be irrelevant what the data is. TRIM specifically I'm not 100% sure on, but the actual functionality is again happening on the controller level so it should be fine as well.

Note that all of this may vary from drive to drive because the biggest variable is the controller on the SSD.

Shinrai

Posted 2011-03-09T15:06:02.587

Reputation: 18 051

Why the downvote? (And over a year later, to boot...) – Shinrai – 2012-04-10T16:34:40.723

0

Yes, it will affect it. However, you can check for possible problems before actual SSD usage. Try the free SsdReady tool to estimate the amount of writes to the disk, and as a result you'll get an approximate lifespan of SSDs.

user12345

Posted 2011-03-09T15:06:02.587

Reputation: 1

0

I had a Samsung EVO 840 120GB system drive encrypted with TrueCrypt for about a year. Everything worked fine, and when I replaced the drive the SMART data didn't indicate any more wear than is to be expected in 1 year. The only downside was that the speed was half of what it would have been without encryption.

user384816

Posted 2011-03-09T15:06:02.587

Reputation: 1