mistave at countermail.com
Fri Sep 25 19:55:15 CEST 2015
Generally I use the following line:
# cryptsetup -c aes-xts-plain64:sha512 -h sha512 -y -s 512 -i 5000 --use-random luksFormat /dev/sdX
But AES should be faster if your CPU supports the AES-NI instructions (most
modern CPUs should). Though you are free to choose whatever cipher you
prefer (aes, twofish, serpent). On my PC AES (software) is a bit faster
than serpent and a bit slower than twofish. AES (hardware) is fastest.
On 25. 09. 2015 19:33, Mike Nagie wrote:
> Hi all,
> I'm going to reinstall my ArchLinux and I thought I would try encrypting
> my home folder with dm-crypt.
> I read this and ArchWiki several times, but I'm still so confused.
> I'd like to keep my system as fast as possible, so here are my
> benchmark results:
> PBKDF2-sha1 644088 iterations per second
> PBKDF2-sha256 391259 iterations per second
> PBKDF2-sha512 321254 iterations per second
> PBKDF2-ripemd160 410241 iterations per second
> PBKDF2-whirlpool 151703 iterations per second
> # Algorithm | Key | Encryption | Decryption
> aes-cbc 128b 124.2 MiB/s 143.3 MiB/s
> serpent-cbc 128b 49.9 MiB/s 194.5 MiB/s
> twofish-cbc 128b 112.4 MiB/s 211.2 MiB/s
> aes-cbc 256b 96.4 MiB/s 107.1 MiB/s
> serpent-cbc 256b 49.9 MiB/s 194.2 MiB/s
> twofish-cbc 256b 112.4 MiB/s 210.9 MiB/s
> aes-xts 256b 141.5 MiB/s 143.3 MiB/s
> serpent-xts 256b 201.1 MiB/s 191.4 MiB/s
> twofish-xts 256b 207.9 MiB/s 209.1 MiB/s
> aes-xts 512b 108.5 MiB/s 106.2 MiB/s
> serpent-xts 512b 200.1 MiB/s 191.5 MiB/s
> twofish-xts 512b 207.8 MiB/s 209.3 MiB/s
> So first thing; this is a 1TiB HDD. Do I need plain64? Or is there any
> Second: Everybody talks about aes. It seems twofish is faster
> here. Does this really matter? I mean this is a HDD, I guess it never
> does anything at that pace. (207MiB/s)
> Third: Since xts is supposed to be safer I think it's justified.
> Fourth: Key size. I'm totally lost. Why is 512b (even though it's split
> to 256) faster than the others? I'm sure something is not right with my theory,
> or else who would use 256b?! Are encrypted files bigger with 512b, or
> what is the point here?
> Fifth: Hash: I'm thinking about sha256.
> Sixth: iteration time. I misunderstood the benchmark. I thought
> sha256 391259 iterations per second
> means 391259 iterations per second. However I set the iteration time to
> 391259 and well... needless to say, it didn't open the encrypted
> partition in a second, more like in 10 minutes. So I have no idea how
> I should interpret this one.
> And lastly: --use-random or --use-urandom. I didn't get this one at all.
> Thank you for your answer in advance
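
Added example (not part of either message): cryptsetup's -i / --iter-time takes milliseconds, so the sketch below converts the PBKDF2 rates quoted above into iteration counts for a given -i value and measures a local rate for comparison. The function names and the probe size are assumptions made for this illustration; the benchmark text is copied from the thread.

```python
import hashlib
import re
import time

# Sample input: the PBKDF2 lines of `cryptsetup benchmark` as quoted in the thread.
BENCHMARK = """\
PBKDF2-sha1 644088 iterations per second
PBKDF2-sha256 391259 iterations per second
PBKDF2-sha512 321254 iterations per second
PBKDF2-ripemd160 410241 iterations per second
PBKDF2-whirlpool 151703 iterations per second
"""


def parse_pbkdf2_rates(text):
    """Return {hash_name: iterations_per_second} from benchmark output."""
    pattern = re.compile(r"^PBKDF2-(\S+)\s+(\d+)\s+iterations per second", re.M)
    return {name: int(rate) for name, rate in pattern.findall(text)}


def iterations_for(rate_per_s, iter_time_ms):
    """Iterations that fit into iter_time_ms on a machine with this rate."""
    return rate_per_s * iter_time_ms // 1000


def measure_rate(hash_name="sha256", probe_iterations=20000):
    """Time one PBKDF2 run on this machine and return iterations per second."""
    start = time.perf_counter()
    hashlib.pbkdf2_hmac(hash_name, b"passphrase", b"\x00" * 32, probe_iterations, 32)
    elapsed = time.perf_counter() - start
    return int(probe_iterations / elapsed)


if __name__ == "__main__":
    rates = parse_pbkdf2_rates(BENCHMARK)
    # 1000 ms is one second of work, 5000 is the value in the reply's command,
    # 391259 is the benchmark number passed to -i by mistake.
    for ms in (1000, 5000, 391259):
        n = iterations_for(rates["sha256"], ms)
        print(f"-i {ms:>6} ms -> {n:>12} iterations, "
              f"about {ms / 1000:.0f} s of PBKDF2 per passphrase attempt")
    print("local sha256 rate:", measure_rate("sha256"), "iterations/s")
```

The time per attempt is only the key-slot PBKDF2 work on the benchmarked machine; a slower machine opening the same volume takes proportionally longer.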