38

I have a netbook with Windows on the second partition and Xubuntu (/ and /home) on the third partition. I selected to encrypt my home folder during installation. The performance of the netbook is adequate for the small machine that it is, but I'm looking to improve performance. I could not find much information about the overhead (CPU or drive) associated with home partition encryption. I ran the following, writing to my home partition as well as the the mounted Windows partition:

dd if=/dev/zero of=~/dummy bs=512 count=10240

dd if=/dev/zero of=/media/Windows/dummy bs=512 count=10240

The first returned 2.4MB/s and the second returned 2.5MB/s. Can I therefore deduce that there is very little overhead to home folder encryption? I'm not sure if the different filesystems will make any difference (/ and /home are ext3).

Update 1

I don't know why I didn't use /tmp instead of the mounted Windows folder. Only /home is encrypted, so /tmp is unencrypted ext3. The results of the dd as above are astounding:

~: 2.4 MB/s

/tmp: 42.6 MB/s

Comments please? The reason I am asking this is that disk access on the netbook is noticeably slow.

Update 2

I timed each of the dd operations with time:

~: 

real    0m2.217s  
user    0m0.028s  
sys     0m2.176s

/tmp: 

real    0m0.152s  
user    0m0.012s  
sys     0m0.136s

See also: discussion on UbuntuForums.org and bug report (2012/05/11: now seems to be a bug relating to SSD)

Edit: Output of mount:

/dev/sda3 on / type ext3 (rw,noatime,errors=remount-ro,user_xattr,commit=600)
proc on /proc type proc (rw,noexec,nosuid,nodev)
none on /sys type sysfs (rw,noexec,nosuid,nodev)
fusectl on /sys/fs/fuse/connections type fusectl (rw)
none on /sys/kernel/debug type debugfs (rw)
none on /sys/kernel/security type securityfs (rw)
none on /dev type devtmpfs (rw,mode=0755)
none on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=0620)
none on /dev/shm type tmpfs (rw,nosuid,nodev)
none on /var/run type tmpfs (rw,nosuid,mode=0755)
none on /var/lock type tmpfs (rw,noexec,nosuid,nodev)
binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,noexec,nosuid,nodev)
gvfs-fuse-daemon on /home/USER/.gvfs type fuse.gvfs-fuse-daemon (rw,nosuid,nodev,user=USER)

Update 2012/05/01: More related links for reference: an (old) Phoronix test, a similar question here, a duplicate question here and a similar SuperUser question. A good summary answer here suggests that performance penalties are only noticeable on small/netbook (Atom) processors and SSDs.

Community
  • 1
SabreWolfy
  • 775

4 Answers4

21

I have been using the encrypted home directory feature for years and I can tell you that while it behaves fine under normal circumstances it will bring your machine to its knees when doing any kind of intense file operations.

I have a quad-core Pentium i7 with 16GB of RAM from System7. By any measure it is a lightening fast laptop with a SATA 7200 RPM drive. Just today when I was unzipping a file with 20,000 small text files in it (take 10 minutes), my system is essentially unusable. Everything that touches the file system has a 1-2 second delay...including the web browser. My experience is exactly that of the OP -- the encrypted home directory is about 15x slower than unencrypted.

I didn't think anything about it because I am so used to it (this is my 4th laptop). On the wild chance that somebody has a tip on how to improve it, I thought I'd search here.

I encrypt my home directory because I HAVE to. If you don't have to...then don't.

Dave
  • 3,647
9

dd is NOT a good way to measure HD performance. There are to many variables involved and any good test would need to be done numerious times anyway.

Encryption generates an overhead especially on the "lesser" cpu's that are in netbooks. They are cheaper for a reason after all.

While I do not have data on drive encryption, I did do tests on https vs http for a webserver and the cost is substantial but not lethal. HOWEVER, your home dir tends to be a mess with programs writing to their hidden directories at random constantly. See Firefox for one bad boy in this regard. This is a constant slight slow down on a netbook that is already slower and often as standard has a slow HD.

Run it again with bonnie++ another user recommended but this time, do it with TWO different users, one with an encrypted HD, the other without. Make sure both home dirs are filled the same.

That gives you a far more accurate test. I would not be suprised to see about 20% performance hit or more. That is what my web server did when asked to encrypt everything it put out. And you are reading and writing encrypted data.

Didier
  • 131
3

While encryption for sure will add overhead, encrypting the home partition should not have a big impact on your system's performance. Most of the programs you run are read brom /bin or /usr, and most of the regular system writing is in /var or /tmp.

Only your user files are in /home, so you will see impact if processing large files, which I usually put on separate partition anyway, keeping my home for documents only.

Sunny
  • 268
0

Transfer speed is hardly a sufficient metric to assess the overhead of encryption: it might simply be that the bottleneck is your hard drive's IO capacity. You might also want to look at CPU usage, it might (or might not) be different whether you use encryption or not.