encryption - Does software-based OTFE cripple SSD performance without CPU AES?
2014-07
Nucking Futz
Sorry for the alphabet soup.
- I want to use software-based on-the-fly AES file encryption
- I will not use full disk encryption (only file and partition).
- This would be on an older Core 2 system, so there is no AES instruction set.
Will this render any SSD performance gains moot?
Edit: I know not to use an SSD that utilizes encryption as a wear-leveling mechanism (ie.: not a Sandforce controller)
Nucking Futz
Well, I gave up researching, so I just bit the bullet and bought one anyway. Initial tests show minimal to no performance loss in a basic OS bootup test (Win7 x86), so I'm satisfied to say the answer to this question:
Will an SSD's performance gains be lost on an AES-encrypted system that has a CPU with no AES instruction set, such as an Intel Core 2?
...is No. The performance is roughly equal, possibly negligibly less.
The bootup process was maybe 3-5 seconds slower after encrypting.
user10762
SSDs, particularly of the common MLC variety, have a limited number of writes before the memory cells wear out. Through the use of wear leveling algorithms this is effectively worked around so that the drive has a useful lifespan. The other side of the wear leveling is that it improves performance by writing to unused blocks rather than the much slower operation of reading, erasing, writing to an existing used block. But these algorithms rely on their being unused blocks available.
So the question is what happens if you encrypt the entire drive with something like BestCrypt or TrueCrypt? Both of these will write what looks like random data to the entire drive. Will this effectively put the drive into a fully used state and how will this effect the wear leveling and performance of the drive?
I know that some drives do reserve some of their capacity for this very reason. Where you see a drive advertised as a 60 or 120GB drive it is probably a 64 or 128GB drive with some of its capacity reserved and unavailable for your use. But do the drives that advertise themselves as 64/128/256GB also reserve space in this way or do that rely purely on the drive never being completely filled to have available blocks for wear leveling?
...
I am probably worrying about something that really isn't going to be a problem in practice. But I am rather curious about how smart the wear leveling algorithms are. Do they allow for continuous read/modify/write to a drive that appears to be completely full?
davr
Honestly you don't need to worry about wear-leveling or the number of writes per cell. You'll never hit the limit in a reasonable number of years. Lots and lots of info already posted here
Now some SSDs have an issue where they lose up to 20% or something like that of their performance, once they get close to full. If your disk encryption truly writes random data to the entire drive, this would make it appear to be full to the SSD controller. In that case you might experience this slowdown, if you have one of the affected drives. Though to put it in perspective, if you have a quality SSD, like the Intel x25-m, even with the slowdown it will still be miles faster than any HDD.
ultrasawblade
Wear leveling can work when the drive is full. SSD drives have spare sectors just like HDDs. The firmware can use these sectors (or other internal memory) to copy and swap full, already-programmed sectors. It will be slower than writing to unprogrammed sectors, of course.