From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jorge.fabregas@gmail.com>
Received: from mail.saout.de ([127.0.0.1])
 by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id PhEiHwPYlEpM for <dm-crypt@saout.de>;
 Thu, 28 Jul 2011 01:18:29 +0200 (CEST)
Received: from mail-gx0-f178.google.com (mail-gx0-f178.google.com
 [209.85.161.178]) (using TLSv1 with cipher RC4-SHA (128/128 bits))
 (No client certificate requested)
 by mail.saout.de (Postfix) with ESMTPS
 for <dm-crypt@saout.de>; Thu, 28 Jul 2011 01:18:28 +0200 (CEST)
Received: by gxk8 with SMTP id 8so1711509gxk.37
 for <dm-crypt@saout.de>; Wed, 27 Jul 2011 16:18:27 -0700 (PDT)
Message-ID: <4E309CC0.6010706@gmail.com>
Date: Wed, 27 Jul 2011 19:18:24 -0400
From: =?ISO-8859-1?Q?Jorge_F=E1bregas?= <jorge.fabregas@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: [dm-crypt] LUKS & TrueCrypt - Speed Test
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

Hello everyone,

Inspired by this old blog post:

http://movingparts.net/2007/10/26/truecrypt-versus-luks-speed-test/

...I decided to perform some tests on my Fedora 14 box.   This is not a
pro benchmark so be warned :)

Common Facts for both tests:

- source & destination filesystems were ext4
- destination is an external USB drive
- source data size is 143GB (a folder with lots of files & directories,
small & large files, regular data...)
- rsync was used to perform the actual copy
- I'm using an "encrypted partition " (against an encrypted file)
- I did a test first with TrueCrypt and then with LUKS
- Between the above tests, I shut down the machine (to flush filesystem
cache).
- my system kernel: 2.6.35.13-92.fc14.i686

### TrueCrypt Results ####
I used AES-256 (XTS operation mode), hash algorithm: ripemd-160 and the
package was realcrypt-7.0a-1.fc14.i686

Output of time command after rsync finished:

real	105m22.211s
user	28m10.471s
sys	41m35.319s


### DM-Crypt LUKS Results ###
I used the defaults:  AES-256 (CBC), sha1 for header hashing and the
package cryptsetup-luks-1.1.3-1.fc14.i686

Output of time command after rsync finished:

real	108m55.291s
user	28m6.534s
sys	42m53.400s


As you can see, there's almost a 4 minute difference.  I was expecting
LUKS to be faster (as dm-crypt is a kernel module) and TrueCrypt runs
mainly in user space isn't it?  Do you think the cipher operation modes
(XTS vs CBC) played a role in this difference? Have any of you performed
a similar test?

Regards,
Jorge