3
1
I have been experimenting with using eCryptfs as the underlying file system for MySQL data to mimic transparent data encryption for MySQL. I ran some tests to measure the overhead of decryption when MySQL reads data and I am getting strange results.
I prepared a table of size 7.5 GB and ran a full table scan (SUM) query. I have two scenarios -
- When the underlying fs is ext4 and no encryption, the average time of the query on multiple runs - 22.5 seconds
- eCryptfs mounted on top of ext4 -
- When table is created for the first time the average run-time of query is 21 seconds (Since it's lesser than unencrypted one, is there some prefetching involved?)
- Clear the MySQL buffers and re-run the query, the average run-time now is 9.6 seconds (due to eCryptfs buffering?)
- If I umount my directory and remount it but don't recreate the data, the average time comes around 17 seconds. This is again mysterious. Did eCryptfs store some unencrypted meta information, when it decrypted for the first time?
I ran these tests multiple times (clearing MySQL buffers every time) and I got consistent results. Can someone please explain or point me to a resource, that explains this behavior? Is it possible to disable this (for the tests)?
Could you summarize what the link says in your answer in case it goes dead? – jonsca – 2012-11-28T05:03:14.297