The last weekend I felt like experimenting a little with encrypted partitions.

Setting up everything is pretty straight forward: it's just about following one of the several tutorials available on the net. What I really wanted to understand was whether, or how much, the encryption/decryption overhead can slow down the normal I/O activity.

To do so, I prepared an admittedly over-simplified testing procedure:

1. format a partition & mount it:

# mkfs -t ext3 -O dir_indiex,sparse_super PARTITION
# mount PARTITION /mnt

2. write test:

# time dd if=/dev/zero of=/mnt/largefile bs=1M count=100

3. read test:

# time dd if=/mnt/largefile of=/dev/null bs=1M count=100

4. create a lot of small files:

# time for x in {1..9999}; do touch /mnt/test$x; done

5. stat the previously created files:

# time ls -l /mnt >/dev/null

6. unmount the partition:

# umount /mnt

I chose an empty partition on my hard disc and repeated the procedure twice: on the partition itself, and on an encrypted volume created on top of it with:

# cryptsetup luksFormat -c aes-cbc-essiv:sha256 PARTITION
# cryptsetup luksOpen PARTITION ctest

I don't want to post numeric results here, since it doesn't make sense to compare absolute figures with tests as rough as those ones. But what I found out is that the only remarkable difference is in the write test, where the encrypted partition is three times slower than the regular one. Incredibly enough, all the other tests do not show significant difference between the two setups.