[dm-crypt] benchmark, kernel, libgcrypt, comparisons

Milan Broz gmazyland at gmail.com
Wed Jan 29 15:59:23 CET 2014

On 01/29/2014 03:22 PM, shmick at riseup.net wrote:
> i came across a text file benchmark i did with the 2nd latest cryptsetup
> and thought id see how 1.6.3 would look
> i have different kernel and libgcrpyt versions since 1.6.2 as well and
> it was said on the gnupg list when libgcrypt 1.6.0 came out there were
> some speed improvements

In fact, gcrypt 1.6.0 was major slowdown for PBKDF2 (previously cryptsetup
used own implementation because it was not available in gcrypt), but it will
be fixed in gcrypt 1.6.1.

> what would likely be the main source of speed increases - kernel or
> libgcrypt ?

In general, for hash algorithm used in header parsing or key derivation
user space library is important (gcrypt), for block ciphers it is kernel.

Usually in userspace openssl backend is faster, but gcrypt is default.

It is not much important because this is used only during device unlocking,
data access later is pure kernel dm-crypt job.

> serpent decryption is vastly faster, twofish in general but seems AES isn't

This depends on machine (and which cipher implementation - it can be accelerated
through AES-NI, SSE instruction etc, depends on your arch and kernel config).
I think kernel API has continuous improvement, so check crypt modules available
(dmcrypt will simply use what crypto API provides).


More information about the dm-crypt mailing list