LUKS encryption

Posted by petergunn 
LUKS encryption
January 07, 2011 11:09PM
I'm going to add a 2TB disk to my dockstar to keep periodic rsync backups from another server. I want to encrypt the drive using cryptsetup/LUKS so that I can mount it by simply plugging it into my laptop or servers that run Ubuntu desktop.

I found some benchmarks for various cryptsetup cipher modes on the 'net but the benchmarks were for x86 so I decided to script a test to see how these modes performed on the dockstar's ARM CPU.

Here are the results (cipher,write speed,read speed):
Testing cryptsetup options: -c tnepres
512000000 bytes (512 MB) copied, 67.9427 s, 7.5 MB/s
512000000 bytes (512 MB) copied, 50.1347 s, 10.2 MB/s
Testing cryptsetup options: -c serpent
512000000 bytes (512 MB) copied, 65.4537 s, 7.8 MB/s
512000000 bytes (512 MB) copied, 47.2216 s, 10.8 MB/s
Testing cryptsetup options: -c seed-ecb-plain -s 256
Testing cryptsetup options: -c fcrypt-pcbc-plain -s 64
512000000 bytes (512 MB) copied, 64.0981 s, 8.0 MB/s
512000000 bytes (512 MB) copied, 51.9889 s, 9.8 MB/s
Testing cryptsetup options: -c khazad-ecb-plain -s 128
512000000 bytes (512 MB) copied, 75.8787 s, 6.7 MB/s
512000000 bytes (512 MB) copied, 66.935 s, 7.6 MB/s
Testing cryptsetup options: -c xtea-ecb-plain -s 128
512000000 bytes (512 MB) copied, 70.3674 s, 7.3 MB/s
512000000 bytes (512 MB) copied, 61.82 s, 8.3 MB/s
Testing cryptsetup options: -c arc4
Testing cryptsetup options: -c xeta-ecb-plain -s 128
512000000 bytes (512 MB) copied, 70.2621 s, 7.3 MB/s
512000000 bytes (512 MB) copied, 62.1143 s, 8.2 MB/s
Testing cryptsetup options: -c twofish
512000000 bytes (512 MB) copied, 63.6912 s, 8.0 MB/s
512000000 bytes (512 MB) copied, 47.9529 s, 10.7 MB/s
Testing cryptsetup options: -c anubis-cbc-plain -s 256
Testing cryptsetup options: -c anubis -s 256
Testing cryptsetup options: -c tea-ecb-plain -s 128
512000000 bytes (512 MB) copied, 65.0048 s, 7.9 MB/s
512000000 bytes (512 MB) copied, 53.9427 s, 9.5 MB/s
Testing cryptsetup options: -c anubis-ecb-plain -s 256
Testing cryptsetup options: -c cast6-cbc-plain -s 256
512000000 bytes (512 MB) copied, 76.1714 s, 6.7 MB/s
512000000 bytes (512 MB) copied, 62.62 s, 8.2 MB/s
Testing cryptsetup options: -c cast6
512000000 bytes (512 MB) copied, 75.0835 s, 6.8 MB/s
512000000 bytes (512 MB) copied, 62.7848 s, 8.2 MB/s
Testing cryptsetup options: -c des-ecb-plain -s 64
512000000 bytes (512 MB) copied, 67.614 s, 7.6 MB/s
512000000 bytes (512 MB) copied, 56.6951 s, 9.0 MB/s
Testing cryptsetup options: -c camellia -s 256
512000000 bytes (512 MB) copied, 72.5327 s, 7.1 MB/s
512000000 bytes (512 MB) copied, 57.3797 s, 8.9 MB/s
Testing cryptsetup options: -c anubis -s 128
Testing cryptsetup options: -c anubis-cbc-plain -s 128
Testing cryptsetup options: -c anubis-ecb-plain -s 128
Testing cryptsetup options: -c cast5-cbc-plain -s 128
512000000 bytes (512 MB) copied, 64.4373 s, 7.9 MB/s
512000000 bytes (512 MB) copied, 43.6595 s, 11.7 MB/s
Testing cryptsetup options: -c camellia -s 128
512000000 bytes (512 MB) copied, 65.2708 s, 7.8 MB/s
512000000 bytes (512 MB) copied, 46.7823 s, 10.9 MB/s
Testing cryptsetup options: -c aes -s 256
512000000 bytes (512 MB) copied, 60.7941 s, 8.4 MB/s
512000000 bytes (512 MB) copied, 47.3104 s, 10.8 MB/s
Testing cryptsetup options: -c aes-cbc-plain -s 256
512000000 bytes (512 MB) copied, 60.2373 s, 8.5 MB/s
512000000 bytes (512 MB) copied, 47.1122 s, 10.9 MB/s
Testing cryptsetup options: -c aes-cbc-benbi -s 256
512000000 bytes (512 MB) copied, 58.8502 s, 8.7 MB/s
512000000 bytes (512 MB) copied, 47.2198 s, 10.8 MB/s
Testing cryptsetup options: -c aes-cbc-null -s 256
512000000 bytes (512 MB) copied, 60.0423 s, 8.5 MB/s
512000000 bytes (512 MB) copied, 47.4098 s, 10.8 MB/s
Testing cryptsetup options: -c blowfish
512000000 bytes (512 MB) copied, 60.3307 s, 8.5 MB/s
512000000 bytes (512 MB) copied, 39.2234 s, 13.1 MB/s
Testing cryptsetup options: -c aes-ecb-benbi -s 256
512000000 bytes (512 MB) copied, 60.5949 s, 8.4 MB/s
512000000 bytes (512 MB) copied, 46.1861 s, 11.1 MB/s
Testing cryptsetup options: -c aes-ecb-null -s 256
512000000 bytes (512 MB) copied, 59.8808 s, 8.6 MB/s
512000000 bytes (512 MB) copied, 46.3131 s, 11.1 MB/s
Testing cryptsetup options: -c aes-ecb-plain -s 256
512000000 bytes (512 MB) copied, 60.9946 s, 8.4 MB/s
512000000 bytes (512 MB) copied, 46.298 s, 11.1 MB/s
Testing cryptsetup options: -c blowfish-ecb-plain
512000000 bytes (512 MB) copied, 47.4475 s, 10.8 MB/s
512000000 bytes (512 MB) copied, 35.7547 s, 14.3 MB/s
Testing cryptsetup options: -c aes-xts-plain -s 256
512000000 bytes (512 MB) copied, 72.389 s, 7.1 MB/s
512000000 bytes (512 MB) copied, 60.8891 s, 8.4 MB/s
Testing cryptsetup options: -c aes-lrw-plain -s 256
512000000 bytes (512 MB) copied, 72.8188 s, 7.0 MB/s
512000000 bytes (512 MB) copied, 57.9541 s, 8.8 MB/s
Testing cryptsetup options: -c aes-cbc-plain -s 128
512000000 bytes (512 MB) copied, 59.8667 s, 8.6 MB/s
512000000 bytes (512 MB) copied, 46.6755 s, 11.0 MB/s
Testing cryptsetup options: -c aes-ctr-plain -s 128
512000000 bytes (512 MB) copied, 71.673 s, 7.1 MB/s
512000000 bytes (512 MB) copied, 56.4455 s, 9.1 MB/s
Testing cryptsetup options: -c aes-cbc-null -s 128
512000000 bytes (512 MB) copied, 59.4388 s, 8.6 MB/s
512000000 bytes (512 MB) copied, 46.5257 s, 11.0 MB/s
Testing cryptsetup options: -c aes-cbc-benbi -s 128
512000000 bytes (512 MB) copied, 60.7615 s, 8.4 MB/s
512000000 bytes (512 MB) copied, 46.9537 s, 10.9 MB/s
Testing cryptsetup options: -c aes -s 128
512000000 bytes (512 MB) copied, 59.8547 s, 8.6 MB/s
512000000 bytes (512 MB) copied, 46.8822 s, 10.9 MB/s
Testing cryptsetup options: -c aes-ecb-plain -s 128
512000000 bytes (512 MB) copied, 60.4177 s, 8.5 MB/s
512000000 bytes (512 MB) copied, 46.3402 s, 11.0 MB/s
Testing cryptsetup options: -c aes-ecb-benbi -s 128
512000000 bytes (512 MB) copied, 59.7631 s, 8.6 MB/s
512000000 bytes (512 MB) copied, 46.4118 s, 11.0 MB/s
Testing cryptsetup options: -c aes-ecb-null -s 128
512000000 bytes (512 MB) copied, 59.1377 s, 8.7 MB/s
512000000 bytes (512 MB) copied, 46.1413 s, 11.1 MB/s
The blowfish-ecb-plain cipher seems to give noticeably better performance than the others.

I'll rerun the benchmark again tonight to verify.

-PG
John Doe
Re: LUKS encryption
January 08, 2011 02:51AM
Note that ECB mode is vulnerable to some simple attack methods. You probably want at least CBC:
http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29

The Kirkwood CPU in the Dockstar offers hardware accelerated AES en/decryption. If you plan to make use of that, it would be wise to choose the AES cipher now. Even if the hardware accelerated encryption is not much faster than the software ciphers, it offloads work from the general purpose CPU.
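The ECB point above, as an added example that is not part of the original post: it encrypts a constructed four-sector disk image in ECB and in CBC with a dm-crypt style "plain" IV (the sector number) and counts repeated ciphertext blocks. The cipher is a toy Feistel permutation standing in for AES or Blowfish so the script runs with only the standard library; all names in it are hypothetical.

```python
import hashlib
import struct

BLOCK, SECTOR = 16, 512  # cipher block and disk sector sizes in bytes

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    """4-round Feistel permutation: a toy stand-in for AES/Blowfish, NOT secure."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, _xor(left, f)
    return left + right

def encrypt_sector(key: bytes, sector_no: int, data: bytes, mode: str) -> bytes:
    # dm-crypt "plain" IV: 32-bit little-endian sector number, zero padded.
    prev = struct.pack("<I", sector_no & 0xFFFFFFFF).ljust(BLOCK, b"\0")
    out = bytearray()
    for off in range(0, len(data), BLOCK):
        blk = data[off:off + BLOCK]
        if mode == "cbc-plain":
            blk = _xor(blk, prev)           # chain in IV / previous ciphertext
        prev = toy_encrypt_block(key, blk)  # in "ecb" each block stands alone
        out += prev
    return bytes(out)

def encrypt_disk(key: bytes, disk: bytes, mode: str) -> bytes:
    return b"".join(encrypt_sector(key, n, disk[o:o + SECTOR], mode)
                    for n, o in enumerate(range(0, len(disk), SECTOR)))

def repeated_blocks(data: bytes) -> int:
    """Number of 16-byte blocks that duplicate an earlier block."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
    return len(blocks) - len(set(blocks))

def sample_disk() -> bytes:
    """Constructed 4-sector image: sectors 0 and 2 zero-filled, 1 and 3 varied."""
    def varied(s: int) -> bytes:
        return b"".join(hashlib.sha256(bytes([s, i])).digest()[:BLOCK]
                        for i in range(32))
    return bytes(SECTOR) + varied(1) + bytes(SECTOR) + varied(3)

if __name__ == "__main__":
    key, disk = b"constructed-key", sample_disk()
    for mode in ("ecb", "cbc-plain"):
        print(mode, repeated_blocks(encrypt_disk(key, disk, mode)))
```

In ECB every repeated plaintext block shows up as a repeated ciphertext block, so zero-filled or duplicated regions of the backup disk are visible without the key; with the per-sector IV and chaining the repeats disappear.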
Re: LUKS encryption
January 08, 2011 07:51AM
John Doe Wrote:
-------------------------------------------------------
> Note that ECB mode is vulnerable to some simple
> attack methods. You probably want at least CBC:

ECB is probably fine for my needs but a quick test indicates that CBC
mode doesn't add much overhead so may as well.

> The Kirkwood CPU in the Dockstar offers hardware
> accelerated AES en/decryption. If you plan to make
> use of that, it would be wise to choose the AES
> cipher now. Even if the hardware accelerated
> encryption is not much faster than the software
> ciphers, it offloads work from the general purpose
> CPU.

This is more interesting to me. I did a little head-to-head between
blowfish-cbc and aes-cbc:
Testing cryptsetup options: -c blowfish-cbc-plain
512000000 bytes (512 MB) copied, 60.6939 s, 8.4 MB/s
512000000 bytes (512 MB) copied, 39.133 s, 13.1 MB/s
Testing cryptsetup options: -c blowfish-cbc-benbi
512000000 bytes (512 MB) copied, 60.7857 s, 8.4 MB/s
512000000 bytes (512 MB) copied, 39.2063 s, 13.1 MB/s
Testing cryptsetup options: -c aes-cbc-plain -s 128
512000000 bytes (512 MB) copied, 60.8713 s, 8.4 MB/s
512000000 bytes (512 MB) copied, 46.6521 s, 11.0 MB/s
Testing cryptsetup options: -c aes-cbc-benbi -s 128
512000000 bytes (512 MB) copied, 59.6948 s, 8.6 MB/s
512000000 bytes (512 MB) copied, 46.9281 s, 10.9 MB/s
Looks like blowfish pegs cpu @ ~94% while aes uses ~72ish%

Still on the fence, but I'm leaning towards aes-cbc-benbi now
- hardware acceleration is cool :-)

-PG
Re: LUKS encryption
January 08, 2011 07:52PM
For us uninitiated folks, how does one tell whether the Marvell chip's hardware encryption engine is being used? Was it built into the kernel after some point? Does it require a special dm_crypt?
Re: LUKS encryption
January 08, 2011 07:55PM
It's a kernel module called mv_cesa. When it's active you'll see a new kernel thread (also called mv_cesa) offloading some of the work from kcryptd. I'm using Gorgone's 2.6.35.7 kernel and mv_cesa seems to load/activate automatically when you use a compatible cipher mode.

-PG
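A complementary check to the kernel-thread observation above, as an added example that is not part of the original thread: the kernel lists every registered cipher implementation in /proc/crypto and picks the highest-priority one for a given algorithm name, so parsing that file shows whether a mode would be served by the mv_cesa module. The sample listing, its driver names and priorities are constructed for illustration, and the function names are hypothetical.

```python
import os

# Constructed sample in /proc/crypto layout (values are illustrative only).
SAMPLE = """\
name         : cbc(aes)
driver       : mv-cbc-aes
module       : mv_cesa
priority     : 300

name         : cbc(aes)
driver       : cbc(aes-generic)
module       : kernel
priority     : 100

name         : cbc(blowfish)
driver       : cbc(blowfish-generic)
module       : kernel
priority     : 0
"""

def parse_proc_crypto(text: str) -> list:
    """Split /proc/crypto text into one dict per registered implementation."""
    entries, cur = [], {}
    for line in text.splitlines() + [""]:   # trailing "" flushes the last entry
        if not line.strip():
            if cur:
                entries.append(cur)
                cur = {}
            continue
        key, _, value = line.partition(":")
        cur[key.strip()] = value.strip()
    return entries

def selected_impl(entries: list, alg: str):
    """Implementation the crypto API prefers for alg: the highest priority."""
    cands = [e for e in entries if e.get("name") == alg]
    return max(cands, key=lambda e: int(e.get("priority", "0"))) if cands else None

def is_offloaded(entries: list, alg: str, module: str = "mv_cesa") -> bool:
    impl = selected_impl(entries, alg)
    return impl is not None and impl.get("module") == module

if __name__ == "__main__":
    path = "/proc/crypto"
    text = open(path).read() if os.path.exists(path) else SAMPLE
    for alg in ("cbc(aes)", "ecb(aes)", "cbc(blowfish)"):
        print(alg, "mv_cesa" if is_offloaded(parse_proc_crypto(text), alg) else "software/other")
```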