Thursday, December 22, 2011

Comparison of Common Encryptions Schemes in Linux

I've been thinking about encrypting my hard drive for quite some time now, but I couldn't quite decide what type of encryption to go for. Naturally, I wanted the best balance between security, ease of use, and performance.

I found that it is particularly difficult to find any useful information on how different sorts of encryption schemes impact performance, so I made a little performance test of my own.

The encryption schemes I tested are as follows:
  1. dm-crypt/LUKS (used by palimpsest -- Ubuntu Disk Utility ), Truecrypt
  2. eCryptFS (Ubuntu Home Encryption), cryptkeeper
The first group concerns block device encryption, that is, encryption of whole partitions. Compared with the filesystem-level encryption schemes of the second group, these have both advantages and disadvantages.

Advantages of block device encryption:
  • Less data leakage -- an adversary cannot learn how much of the partition is used or when it was last accessed
  • In the case of TrueCrypt, the partition appears as random data; furthermore, TrueCrypt partitions may contain a hidden partition, thus offering plausible deniability
Disadvantages of block device encryption:
  • Unencrypted data cannot coexist with encrypted data (=> possible performance impact)
  • TrueCrypt doesn't allow multiple keys (possible issues in shared environments)
As for filesystem-level encryption:
Advantages of filesystem-level encryption:
  • Encrypted data coexists with unencrypted data (better sharing, possibly better performance)
Disadvantages of filesystem-level encryption:
  • The adversary can learn exactly how much information has been encrypted and when it was last accessed/changed
(For a more detailed comparison, see Google and Wikipedia.)
And finally my testing:
I created a partition at the beginning of my 1.5 TB external hard drive, connected to my PC via an eSATA cable. Then I measured read and write speeds for a) a large file and b) many small files, using various encryption schemes and a plain ext4 filesystem for comparison.

My PC specs:
  • OS: Linux Mint 11, kernel 2.6.38-11-generic AMD64
  • CPU: Intel (R) Core (TM) i5 M 480
  • RAM: 3.7 GiB
  • Partition size 20 GB, formatted with EXT4, at the beginning of an ATA SAMSUNG HD154UI (7200 rpm, cache enabled, 1.5 TB, GUID Partition Table), connected via eSATA
The test consisted of the following steps (in short):
  1. Set up encryption on the partition
  2. Create a 4 GiB file of zeroes (dd if=/dev/zero) using the optimal block size (bs=256k gave the best results) and measure how long it takes
  3. Read the 4 GiB file back (dd of=/dev/null) and measure how long it takes
  4. Do the same thing with many small files (I used 6991 files of 600 kB each, 4 GiB in total)
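The four steps above, as an added example that is not code from the original post: a bash script that reruns the dd write/read timing on any mounted directory (the mount point of the partition set up in step 1) and computes the relative-loss percentages of the second table. It assumes Linux with GNU coreutils and awk; the bs=256k block size and the 6991 x 600 kB small-file shape come from the post, while the function names and the page-cache drop before each read are my additions.

```bash
# Added example, not from the original post: reruns its dd benchmark on any
# mounted directory and computes the relative-loss percentages of its second
# table. Assumes Linux with GNU coreutils (dd status=none, date +%s%N) and awk.
set -eu

# Bytes moved over a wall-clock interval (ns) to MB/s (decimal MB, as in the tables).
mbps() {  # mbps <bytes> <start_ns> <end_ns>
  awk -v b="$1" -v s="$2" -v e="$3" \
    'BEGIN { d = (e - s) / 1e9; if (d <= 0) d = 1e-9; printf "%.0f\n", b / d / 1e6 }'
}

# Relative loss in % against the plain-EXT4 baseline, e.g. rel_loss 98 97 -> 1.
rel_loss() {  # rel_loss <baseline_MBps> <measured_MBps>
  awk -v base="$1" -v v="$2" 'BEGIN { printf "%.0f\n", (base - v) * 100 / base }'
}

# Flush and drop the page cache so the read pass measures the device and cipher, not RAM.
drop_caches() {  # needs root; otherwise the read figure is flagged on stderr
  sync
  echo 3 > /proc/sys/vm/drop_caches 2>/dev/null ||
    echo "warning: could not drop caches; read speed includes page cache" >&2
}

# Steps 2 and 3: write <MiB> of zeroes with bs=256k (fsync included), then read it back.
bench_big() {  # bench_big <dir> <MiB>  -> "W_BIG <MB/s>" and "R_BIG <MB/s>"
  local f="$1/big.bin" bytes=$(( $2 * 1024 * 1024 )) t0 t1
  t0=$(date +%s%N)
  dd if=/dev/zero of="$f" bs=256k count=$(( $2 * 4 )) conv=fsync status=none
  t1=$(date +%s%N); echo "W_BIG $(mbps "$bytes" "$t0" "$t1")"
  drop_caches
  t0=$(date +%s%N)
  dd if="$f" of=/dev/null bs=256k status=none
  t1=$(date +%s%N); echo "R_BIG $(mbps "$bytes" "$t0" "$t1")"
  rm -f "$f"
}

# Step 4: many small files (the post used 6991 files of 600 kB each).
bench_small() {  # bench_small <dir> <count> <kB_each> -> "W_SMALL ..." and "R_SMALL ..."
  local d="$1/small" bytes=$(( $2 * $3 * 1000 )) i t0 t1
  mkdir -p "$d"; t0=$(date +%s%N)
  i=0
  while [ "$i" -lt "$2" ]; do
    dd if=/dev/zero of="$d/f$i" bs=1000 count="$3" status=none; i=$((i + 1))
  done
  sync; t1=$(date +%s%N); echo "W_SMALL $(mbps "$bytes" "$t0" "$t1")"
  drop_caches; t0=$(date +%s%N)
  cat "$d"/f* > /dev/null
  t1=$(date +%s%N); echo "R_SMALL $(mbps "$bytes" "$t0" "$t1")"
  rm -rf "$d"
}
```

Run it as root on each mounted scheme in turn, e.g. `bench_big /mnt/test 4096; bench_small /mnt/test 6991 600`, and feed the plain-EXT4 figure and the encrypted figure to `rel_loss` to fill in the second table.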
The test results are as follows:

| ENC/SPEED (MB/s)    | plain EXT4 | AES128 | AES256 (palimpsest) | AES256 (TrueCrypt) | CryptKeeper | eCryptFS128 (Ubuntu Home) | eCryptFS256 |
|---------------------|-----------:|-------:|--------------------:|-------------------:|------------:|--------------------------:|------------:|
| W 4 GiB file        | 98         | 97     | 95                  | 94                 | 38          | 100                       | 84          |
| R 4 GiB file        | 95         | 88     | 76                  | 79                 | 63          | 78                        | 83          |
| W 4 GiB small files | 106        | 97     | 93                  | 85                 | 28          | 54                        | 46          |
| R 4 GiB small files | 66         | 37     | 37                  | 38                 | 40          | 31                        | 36          |

Relative loss in speed in comparison to plain EXT4:

| ENC/RELATIVE LOSS (%) | plain EXT4 | AES128 | AES256 (palimpsest) | AES256 (TrueCrypt) | CryptKeeper | eCryptFS128 (Ubuntu Home) | eCryptFS256 |
|-----------------------|-----------:|-------:|--------------------:|-------------------:|------------:|--------------------------:|------------:|
| W 4 GiB file          | 0%         | 1%     | 2%                  | 4%                 | 62%         | -2%                       | 13%         |
| R 4 GiB file          | 0%         | 7%     | 19%                 | 16%                | 34%         | 18%                       | 13%         |
| W 4 GiB small files   | 0%         | 8%     | 12%                 | 20%                | 74%         | 49%                       | 57%         |
| R 4 GiB small files   | 0%         | 44%    | 44%                 | 42%                | 39%         | 53%                       | 45%         |

The results show that small files present a significant bottleneck in all encryption systems.

For more detailed results including error margins, have a look at this spreadsheet.

Disclaimer: This is not intended to be a scientific analysis :D. I just wanted to know the impact of various encryption schemes on my system, and I got caught up with it for slightly longer than I thought I would.
