RE: Open source FDE for Win32
On 11 February 2008 04:13, Ali, Saqib wrote: I installed TrueCrypt on my laptop and ran some benchmark tests/ Benchmark Results: http://www.full-disk-encryption.net/wiki/index.php/TrueCrypt#Benchmarks Thanks for doing this! Cons: 1) Buffered Read and Buffered Transfer Rate was almost halved after TrueCrypt FDE was enabled :-(. Yes, to almost the exact same rate as sequential reads. I'm guessing it simply doesn't implement look-ahead decryption. It might even be a positively good idea to not decrypt anything until you're specifically asked. 3) The initial encryption of the 120 GB HDD took 2 hours. You think a 1GB/min encryption rate is so slow as to count as a con? I think that's fairly reasonable. My lightly loaded AMD64x2 box just took 48s to copy a 584MB file from one place to another on a first trial, and between 26s and 39s on 'hot' retests. Or are you suggesting that it could encrypt each block OTF when it's first accessed, or run the encryption in the background while the system was still live, instead of converting the whole drive in one big bite? cheers, DaveK -- Can't think of a witty .sigline today - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Open source FDE for Win32
Hello Dave, On 13/2/2008 21:26, Dave Korn wrote: Or are you suggesting that it could encrypt each block OTF when it's first accessed, or run the encryption in the background while the system was still live, instead of converting the whole drive in one big bite? Encrypting blocks only when they are used can be risky in terms of false sense of security. There is basically no way for you to tell what is left out there. Encrypting the drive while the system is live is what TC currently does. Encryption runs in the background while you can do other things (though much slower). Hagai. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Open source FDE for Win32
I installed TrueCrypt on my laptop and ran some benchmark tests/ Benchmark Results: http://www.full-disk-encryption.net/wiki/index.php/TrueCrypt#Benchmarks Pros: 1) Easy to use product. Simple clean interface. Very user-friendly! 2) Free and Open Source 3) Multiple Encryption and Hashing algorithm available. Cons: 1) Buffered Read and Buffered Transfer Rate was almost halved after TrueCrypt FDE was enabled :-(. 2) Access Time for large file (250+MB) increased by 11%. 3) The initial encryption of the 120 GB HDD took 2 hours. On Feb 7, 2008 11:46 PM, Hagai Bar-El [EMAIL PROTECTED] wrote: List, Finally, an open source FDE (Full Disk Encryption) for Win32. It is the first one I am aware of: www.truecrypt.org TC is not a new player, but starting February 5th (version 5) it also provides FDE. Didn't get to try it yet. Hagai. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED] - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: Open source FDE for Win32
Hello, On 11/2/2008 06:13, Ali, Saqib wrote: I installed TrueCrypt on my laptop and ran some benchmark tests/ Benchmark Results: http://www.full-disk-encryption.net/wiki/index.php/TrueCrypt#Benchmarks Pros: 1) Easy to use product. Simple clean interface. Very user-friendly! 2) Free and Open Source 3) Multiple Encryption and Hashing algorithm available. Cons: 1) Buffered Read and Buffered Transfer Rate was almost halved after TrueCrypt FDE was enabled :-(. 2) Access Time for large file (250+MB) increased by 11%. 3) The initial encryption of the 120 GB HDD took 2 hours. Actually, there is one major (but temporary) limitation to TC5: It does not process too well partitions that are not the system partition, but which share the same physical drive as the system partition, if you elect to encrypt the entire drive. That is, if you decide to encrypt a whole physical drive that stores both C: (system) and D: (another partition), you are going to face a situation in which your D: partition is logically gone (until you re-decrypt the whole thing back). Next version will fix it, the team promises. Hagai. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]