[dm-crypt] Status of trim for SSds?

André Gall dm-crypt at andregall.de
Thu Jul 14 16:46:38 CEST 2011


I'd like to know the current status about the compatibility of TRIM
(http://en.wikipedia.org/wiki/TRIM) for SSDs and dm-crypt. It is my
understanding, that the current version of dm-crypt does not support
trim operations and therefore SSDs that are encrypted with dm-crypt are
not able to work as efficiently and fast as they would with working trim.

One argument that is often heard in discussions about encryption and
trim, is that trim enables an attacker to tell used blocks from empty
blocks and that this might make an attack easier. However, I have never
heard of a case, where the knowlege about the used blocks lead to a
successfull attack of state-of-the-art crypto-algorithms and
implementations. Of course the attacker might be able to make some
guesses or assumptions about the content of the encrypted storage-device
by analysing the distribution of used blocks, but in most scenarios this
isn't an issue.

Is the support of TRIM a feature that's planned for the future? If so,
when? If not, why not?


More information about the dm-crypt mailing list