I want to compare different encryption solutions for encrypting my system, possibly different solutions for different parts of the system such as /usr
or /home
. In particular I look at dm-crypt partitions, containers, truecrypt, ecryptfs and encfs with different parameters. For several reasons I think that just measuring raw seq read and write speeds using dd
is not enough:
- seq read/write gives me different CPU loads, for example ecryptfs loads only one core (up to 100%) whereas dm-crypt is faster, but loads both cores, so in real use ecryptfs may be faster when the system is under load from other applications (maybe not, but how do I benchmark this?)
- it's all about an SSD so I want to have benchmark, which indicates for which option the system will feel more responsive, so I should include some random read write tests or something like that as well (but I don't know how to do so)
- benchmarking a solution for
/usr
may need other benchmarks than for/home
since the i/o characteristics may be different
I should add that my CPU doesn't support AES instructions, so it is a limiting factor in performance. I don't want to isolate a part of the system but compare the different encryption solutions for the SSD in my particular system. So what's the best way to benchmark in my case and how to do it in detail?
Best Answer
How about the built-in
cryptsetup benchmark
?Usually you'll want to use one of the AES ciphers. Even if your system does not support AES-NI today, your next box may...