[dm-crypt] 1,5 TB partition: use cbc-essiv or xts-plain?
theiling at absint.com
Thu Aug 6 16:32:31 CEST 2009
Salatiel Filho writes:
> I really liked this one, using aes-cbs-essiv:sha256 [keysize=256] i
> was able to get only 0.89MB/s reading via NFS from my ARM 266Mhz.
> Using serpent-cbc-essiv:sha256[keysize=256] i can get 2,66MB/s,
> which is really good.
Fascinating. I thought Serpent was universally the slowest of the
three big algorithms (AES/Rijndael, Twofish, Serpent) that was used if
you wanted highest security margins. Your speed test results come
quite unexpected for me, especially since AES and Twofish have
assembler modules while Serpent has only a C implementation in the
kernel (as of last time I checked).
For me, speed is quite secondary, because I have a fast machine which
crypts much faster than the USB-2.0 interface can possibly serve the
More information about the dm-crypt