Tuesday, March 18, 2008

Whole drive encryption and disk performance

I've been interested in volume encryption for a while. TrueCrypt ticks all the boxes. Being a piece of security software it should be open source (you don't want any back-doors after all). One thing peaked my interest on a recent edition of Security Now! - Steve Gibson discovered that booting Windows off a system partition that has the TrueCrypt driver installed gives a system that has a significant improvement in disk performance;

...so I wrote a little batch file using that EndTimer tool and the Windows defrag and Vopt and Windows defrag. I ran those three in sequence. With no encryption, Windows defrag took 8 minutes and 35.765 seconds. Vopt took 4 minutes and 31.046 seconds. And then a final Windows defrag took 1 minute, 54.765 seconds. Okay, so just look at the first number, 8 minutes and 35 seconds. I did it; I did it again. That is, I restored the image, ran the script again, and it was 9 minutes and 1 second. So, you know, about 8 minutes and 45 seconds on average. And the difference are just we're doing a lot of head-seeking. And so where the disk's rotation happens to be is going to affect timing a little bit.
They say on their web page that they've got 100 percent pipelining of some sort. Apparently once upon a time it was too slow, and boy did they fix it.

I intend to start using TrueCrypt - so I'll blog about it when I've got it figured.

No comments: