LUKS

LUKS and intel aes-ni performance part 2

Lately I've bought laptop with Intel i7-3720QM. Laptop got 2 disks: SSD Vertex 120GB and original WD Scorpio 7200rpm hdd. I have to check LUKS performance of this setup ('cause I use LUKS on daily basis). And it looks like this (of course bonnie++ results):

HT on, WD Scorpio 320GB 7200rpm, lvm, ext4, no encryption:
1.96,1.96,e6430,1,1351607747,12G,,,,105857,13,47626,6,,,129126,7,222.6,5

Bonnie++ results database

Finally I've just found small amount of time to write 2 PHP scripts and create database with all bonnie++ results I've got. All tests were run by me. Some tests do not have character speeds (those got -1 value there). You can sort results by: block write speed, character write speed, rewrite, block read speed, character read speed and seeks. You can also narrow results down by filtering LVM, encryption and filesystem type. Every new bonnie++ runs gonna go there.

Hope some of you gonna find this useful. Link is http://bonnie.it64.com/

LUKS and intel AES extension performance

Finally I've just got cpu with AES-NI to play with. And finally I was able to check performance gain using hadrware with LUKS volumes.
Edit: most important info, tested CPU was Intel Xeon X5650.

First of all I've checked block device speed (which was 2 SAS 300GB RAID1 set) without encryption. Device has ext4 and I used bonnie++ as usual.

1.96,1.96,15744M,,,,179260,16,82453,8,,,234866,11,814.5,20

LUKS ext4 performance

This time I want to compare performance of LVM based ext4 filesystem with LUKS encrypted device created on the same LVM volume.
Test system is intel cd2 e8200, 6GB RAM, 4*ST31500341AS (seagate 7200.11, 1.5TB) soft raid5.
First result is notcrypted LVM with ext4 filesystem:
247629,37,91502,14,,,290046,15,378.5,3

Then same volume but encrypted with 128bit AES:
98508,12,48053,5,,,159608,7,458.4,2

And last result for LUKS encrypted LVM volume with 256bit AES:
82206,10,41877,4,,,127844,5,461.5,2

Password vault with LUKS

Some organizations/companies got problem with keeping their passwords to sensitive systems safe.
I mean passowrds for privileged users (root, admin, etc.). Even small companies got big IT infrastructures with 10+ devices/systems which got administrative passwords (like servers, switches, databases, etc.). You use those accounts like ones half year, so it's hard to remember all those passwords (and users) combinations.

Subscribe to RSS - LUKS

Main menu

by Dr. Radut