[dm-crypt] Basics

Arno Wagner arno at wagner.name
Fri Sep 25 22:12:56 CEST 2015


Hi Mike,

unless you are a crypto-expert, go with the cryptsetup
defaults. For not too old versions, these are
aes-xts-plain64 for LUKS and PBKDF2-sha1 for the
key protection (no, SHA-1 is not insecure when
used like here...).

Regards,
Arno

On Fri, Sep 25, 2015 at 19:33:16 CEST, Mike Nagie wrote:
> Hi all,
> 
> I'm going to reinstall my ArchLinux and I thought I would try encrypting 
> my home folder with dm-crypt.
> I read this and ArchWiki several times, but I'm still so confused.
> I'd like to keep my system as fast as just possible, sooo here is my 
> benchmark results:
> 
> PBKDF2-sha1       644088 iterations per second
> PBKDF2-sha256     391259 iterations per second
> PBKDF2-sha512     321254 iterations per second
> PBKDF2-ripemd160  410241 iterations per second
> PBKDF2-whirlpool  151703 iterations per second
> #  Algorithm | Key |  Encryption |  Decryption
>      aes-cbc   128b   124.2 MiB/s   143.3 MiB/s
>  serpent-cbc   128b    49.9 MiB/s   194.5 MiB/s
>  twofish-cbc   128b   112.4 MiB/s   211.2 MiB/s
>      aes-cbc   256b    96.4 MiB/s   107.1 MiB/s
>  serpent-cbc   256b    49.9 MiB/s   194.2 MiB/s
>  twofish-cbc   256b   112.4 MiB/s   210.9 MiB/s
>      aes-xts   256b   141.5 MiB/s   143.3 MiB/s
>  serpent-xts   256b   201.1 MiB/s   191.4 MiB/s
>  twofish-xts   256b   207.9 MiB/s   209.1 MiB/s
>      aes-xts   512b   108.5 MiB/s   106.2 MiB/s
>  serpent-xts   512b   200.1 MiB/s   191.5 MiB/s
>  twofish-xts   512b   207.8 MiB/s   209.3 MiB/s
> 
> So first thing; this is a 1TiB HDD. Do I need plain64? Or is there any 
> drawbacks?
> 
> Second: Everybody talks about the aes. It seems the twofish is faster 
> here. Does this really matters? I mean this is a HDD, I guess it never 
> does anything at that pace. (207MiB/s)
> 
> Third: Since xts is supposed to be safer I think it's justified.
> 
> Fourth: Key size I'm totally lost. Why 512b (even though it's splitted 
> to 256) faster than the others? I'm sure something is not right with my theory 
> else who would use 256b?! Do encrypted files bigger with 512b or 
> what is the point here?
> 
> Fifth: Hash: I'm thinking about sha256.
> 
> Sixth: iteration time. I misunderstood the benchmark. I thought 
> sha256     391259 iterations per second
> means 391259 iterations per second. However I set the iteration time to 
> 391259 and well... it needless to say, it didn't open the encrypted 
> partition in a second, more like in 10 minutes. So I have no idea how 
> should I interpret this one.
> 
> And lastly: --use-random or --use-urandom. I didn't get this one at all.
> 
> Thank you for your answer in advance
> 
> Mike
> -- 
> You are so lucky!
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier


More information about the dm-crypt mailing list