5
Will I see a performance gain with AES-NI using dm-crypt/LUKS for hard drive system encryption?
Isn't the hard drive the bottleneck even without hardware acceleration?
Mark K.
Posted 2011-07-25T04:53:30.120
Reputation: 59
Intel's AES-NI performance: Isn't the hard drive the bottleneck?
Answers
8
The hard drive is the bottleneck in some cases (depends on how fast your CPU is), but there is some computation time before data is written to the drive, and that is what the implementation of the AES instruction set was for. It was also intended to help speed up encrypted file compression operations (e.g. through 7-zip), or performing complex hashing algorithms on large amounts of data.
The speed-up you see will depend on how slow your CPU is (all relative in the end), but you will see a speed-up since it has to first load the data from the drive (or memory), encrypt it, and then move it back to the hard disk. This reduces the encryption speed, which may or may not be a factor (speed is highly dependent on your system configuration, specifically CPU and RAM speed).
These speed-ups should help to bring you much closer to real-time transfer speeds (which you get when copying unencrypted files with no encryption overhead).
Breakthrough
Posted 2011-07-25T04:53:30.120
Reputation: 32 927
1The hard drive may not be the bottleneck if it's fast enough, like with an SSD. Also, the more time the CPU must spend doing encrypted I/O is time that other processes running on the system don't get to use. Finally, AES-NI may also allow for lower power usage when in use compared to non-accelerated encryption -- a win for both battery life and cooling systems. – afrazier – 2011-08-05T02:48:23.120
@afrazier when you're encrypting anything, AES-NI or not, you'll be drawing a relatively large amount of power. I don't think an end user would see the difference, and your CPU would still get quite hot. – Breakthrough – 2011-08-05T02:55:32.027