[dm-crypt] Switch to XTS mode for LUKS in cryptsetup in 1.6.0 (Was Re: [ANNOUNCE] cryptsetup 1.6.0-rc1)
gmazyland at gmail.com
Fri Jan 4 20:14:42 CET 2013
On 01/04/2013 07:55 PM, Romain Francoise wrote:
> Milan Broz <gmazyland at gmail.com> writes:
>> Any serious objections to not do that now?
> How does it compare to cbc in terms of (real-world) performance?
It is slower but on recent systems it shouldn't not be bottleneck
(even with fast storage).
I really prefer security to performance here.
But anyway, there is now benchmark command to test it.
An example (on my 3 year old Thinkpad x201 notebook with AES-NI):
# Tests are approximate using memory only (no storage IO).
# Algorithm | Key | Encryption | Decryption
aes-cbc 128b 789.0 MiB/s 1899.0 MiB/s
aes-cbc 256b 595.0 MiB/s 1445.0 MiB/s
aes-xts 256b 572.0 MiB/s 571.4 MiB/s
aes-xts 512b 465.0 MiB/s 467.0 MiB/s
(I think XTS got some more optimization in recent kernel, this is from 3.6.)
You can try it yourself, just run "cryptsetup benchmark" with 1.6.0-rc1,
perhaps we will need some new FAQ entry here.
More information about the dm-crypt