Date: Mon, 09 Aug 2004 11:55:47 +0200 From: "Poul-Henning Kamp" <phk@phk.freebsd.dk> To: Maxim Sobolev <sobomax@portaone.com> Cc: Daniel Eriksson <daniel_k_eriksson@telia.com> Subject: Re: Simple BDE disc encryption benchmark Message-ID: <17520.1092045347@critter.freebsd.dk> In-Reply-To: Your message of "Mon, 09 Aug 2004 12:42:03 %2B0300." <411746EB.5030006@portaone.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <411746EB.5030006@portaone.com>, Maxim Sobolev writes: >> The only time the CPU was completely busy was when copying /bigfiles from >> encrypted to encrypted. >> >> My question is: Why does the it take so much longer when encryption is >> involved even though 'top' seems to think there are CPU cycles left to burn? > >The problem (well, not quite "the problem" since it is design decision) >is that GBDE tries to rearrange sectors in pseudo-random fashion to make >cryptoanalysis harder. Usually filesystem tries to place all sectors >that belong to the same file consequently, to avoid expensive disk >seeks. But on encrypted disk logically ajaced sectors are physically >spread, so that reading them introduces seek delays. Uhm, this is not quite correct. It is true that I played around with pseudo-random sector mapping a fair bit, but since it _totally_ killed performance I dropped it again. The mapping GBDE performs is sequential with inserted key sectors, this was the most performance friendly layout I could come up with. Poul-Henning -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?17520.1092045347>