On Tue, 12 Mar 2002 19:43, Sam Vilain wrote: > > I've done some benchmarking of the old "international kernel patch" and > > found it to be usable on small systems. > > Done it recently? > > hoffman:~$ df . crypto/ > Filesystem 1k-blocks Used Available Use% Mounted on > /dev/hda7 6265120 5366380 898740 86% /home > /home/sam/.crypto 665572 498796 166776 75% /home/sam/crypto > hoffman:~$ time bash -c "dd if=/dev/zero of=test bs=4096 count=10240; > sync" > 10240+0 records in > 10240+0 records out > > real 0m5.152s > user 0m0.050s > sys 0m0.640s > hoffman:~$ time bash -c "dd if=/dev/zero of=crypto/test bs=4096 > count=10240; sync" > 10240+0 records in > 10240+0 records out > > real 0m9.685s > user 0m0.030s > sys 0m0.660s > hoffman:~$
So we're doing 40M in <10s, this means something like 12MB/s encryption speed. > That's with AES, a 192 bit key size, and a 2.4.18-ac3+preempt kernel. My > machine is a fairly new Dell(850MHz). Both filesystems are reiserfs. > > During a fsck, the CPU isn't doing much else anyway. So it would take > about twice as long, assuming you don't have a system more powerful than > my laptop to do the encryption. Say you had a dual processor system (or a > single Athlon ;), it could probably encrypt/decrypt as quickly as the disk > can transfer data, especially for random access. If a fast Athlon is twice as fast then it'll still be a bottleneck if you have a single fast IDE hard drive (modern IDE drives can sustain >30M/s for linear transfers). Then think if you have 10 large file systems each comprised of 6 disks in a hardware RAID array. You'll never get enough CPU power to keep up. -- If you send email to me or to a mailing list that I use which has >4 lines of legalistic junk at the end then you are specifically authorizing me to do whatever I wish with the message and all other messages from your domain, by posting the message you agree that your long legalistic sig is void.