On Thu, Nov 23, 2000 at 08:45:49PM +0800, Louis Lam wrote: > I was able to use ppdd to get an encrypted root file system and swap > partition. Both the root file system and the swap were formatted > with a blocksize of 1024 as suggested. > > Is there anyone in this list who is able to get encrypted root and > swap that are based on blocksize of 4096? I'm just using the regular kernel API, not ppdd. Using ext2/ext3, you tend to end up with 4K blocks by default and left them that way. > I am still trying to do that but so far I wasn't able to do so. I > understand that using the blocksize of 4096 may not be so efficient > for random access. More will have to be decrypted before u can get > to the part of the block that U want. The reason I want to do this > is just for seeing the difference, and maybe able to encrypt some > existing data which is actually a linux installation from redhat > 6.2 which by default formats the partition with a blocksize of 4096. You'll have to decrypt the entire block before you get to play with any part of it, yes. For user home directories, I would think that smaller block-sizes would be a plus (you're not dealing with horribly large files as a general case, for example). For encrypting an entire filesystem, I would think you would get into the same kinds of efficiency issues that made 4K blocks attractive in the first place. I tend to think of encryption as more of a latency issue. All else being equal, I've added encryption latency to my reads and writes, but the underlying issues should all be the same. You could probably benchmark it. The added latency might be so great that it makes the raw 1K/4K blocksize issue moot. Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
