On 01/04/2013 07:55 PM, Romain Francoise wrote:
> Milan Broz <gmazyland@xxxxxxxxx> writes:
>
>> Any serious objections to not do that now?
>
> How does it compare to cbc in terms of (real-world) performance?
It is slower but on recent systems it shouldn't not be bottleneck
(even with fast storage).
I really prefer security to performance here.
But anyway, there is now benchmark command to test it.
An example (on my 3 year old Thinkpad x201 notebook with AES-NI):
# Tests are approximate using memory only (no storage IO).
# Algorithm | Key | Encryption | Decryption
aes-cbc 128b 789.0 MiB/s 1899.0 MiB/s
aes-cbc 256b 595.0 MiB/s 1445.0 MiB/s
aes-xts 256b 572.0 MiB/s 571.4 MiB/s
aes-xts 512b 465.0 MiB/s 467.0 MiB/s
(I think XTS got some more optimization in recent kernel, this is from 3.6.)
You can try it yourself, just run "cryptsetup benchmark" with 1.6.0-rc1,
perhaps we will need some new FAQ entry here.
Milan
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt
