2008-03-16

Performance (CPU time & disk throughput) overhead caused by encryption under Linux (Ubuntu)

Everybody who uses encrypted partitions under Linux have thought about performance overhead which is required to decrypt and encrypt data on-the-fly. To use disk encryption under Linux you have to install the cryptsetup package which reads the encryption key during boot time from an external media (USB stick etc.). Actually this performance overhead is not that big as many people think. For its transparent on-the-fly encryption Linux uses the dm_crypt kernel module. Phoronix have made disk encryption benchmarks which proof that security must not necessarily be a performance killer:

Encryption benchmark - disk throughput under Linux