0

I have a SanDisk Extreme II SSD. Despite using Marvell 88SS9187 controller, the drive does not support hardware encryption of any kind. I read around a bit and found that most software does encryption in memory and then writes on the drive, but couldn't find a straight answer to my question.

On Ubuntu: If I encrypted my home folder, would that change in any way how the drive operates? Would there be any performance hit or life reduction?

On Windows: Windows 8.1 is enabling me to activate BitLocker and I can easily install TrueCrypt. My question is what is the best option - full-disk/partition or virtual disk encryption with BitLocker/TrueCrypt?

My main concern is that I am unaware of how Ubuntu encrypts the home folder dynamically and how BitLocker works on SSDs without hardware encryption. (Why is this even a concern? Do HDDs have something up their sleeve to SSDs when in comes to encrypted file writes?) Essentially, why would anyone make hardware encryption a thing if all encryption is made in memory and then written to disk.

PS: As it is a non-SandForce SSD, I also couldn't find a lot of information on the compression policies of the drive. Hopefully some SanDisk enthusiast could clarify the situation for me.

Improve this question

1 Answer 1

Reset to default
0

Hardware encryption (HE) is something really separate to software encryption (SE), in general HE should appear to be more efficient but not in all cases. If you would have an SSD with embedded HE, the performance of encrypted drive shouldn't differ on what platform the test would be taken - in theory. When it comes to SE the key role plays your CPU (i.e. clock, AES support, number of cores if encryption software supports multithreading).

You should noticed, that most modern CPUs support AES and in this case there will be no difference in performance between encrypted or not encrypted drive when that algorithm you choose. What will be in case of choosing Serpent or Twofish? Well in my tests on I7-2600 on TrueCrypt and DiskCryptor there are no significant drops in performance (1-3% on file copy). This CPU is too powerful, even when underclocked to 1.6GHz... Only when I set the combination of AES-Twofish-Serpent there was a noticeable drop in performance.

On Ubuntu for full disk encryption you should choose dm-crypt, there is no option for TrueCrypt to do that at this time (v. 7.1a), only partitions, containers. On Windows I actually use BitLocker for full disk encryption with no problems. Encryption doesn't affect endurance of SSD, because all operation are taken in RAM.

Improve this answer
2
  • thanks. so I should just go and encrypt my home folder no problem, right?
    – kgizdov
    Commented May 30, 2014 at 10:53
  • @kgizdov Yes, there should be no problems with encrypted home directory. Ubuntu has also built-in encryption for home check here.
    – Jarek
    Commented May 30, 2014 at 16:01

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .