I always wanted to encrypt my laptop disks, however the performance impact of software AES on 2.5″ HDDs is just too significant to ignore. Recently, I bought a laptop with an i5 580M (with AES-NI), coupled with a 120GB G.SKILL Phoenix Pro SSD (SF-1200). On the i5 580M, Truecrypt can get over 1GB/s with AES-NI, and it supports SSD TRIM commands. I thought I could finally have FDE without a noticeable performance penalty.
Well, I was wrong. It turns out FDE and SSD do not mix, and not just because of performance issues. But first, some benchmarks.
The unencrypted throughput seems consistent with other SF-1200 drives when processing incompressible data. The throughput of the encrypted drive is noticeably lower, especially for 4K operations. Applications do launch a few seconds faster on an unencrypted disk, but the encrypted SSD is still much faster than platter drives and definitely usable.
The bigger problem is that encrypting the whole drive is essentially equal to completely filling the drive with data, a no-no on flash devices. Because all the empty sectors are encrypted too (and written to the SSD), the controller cannot tell free space from real data, so there are no blocks left for wear leveling (except the reserve blocks), and TRIM is essentially useless until you start deleting a large amount of data. To confirm this, I formatted the drive (so now it is “empty” and unencrypted), and reran the benchmarks. The read speeds were back to pre-encryption levels, but the write speeds stayed low.
Anecdotal evidence suggests that if an unencrypted partition is left on the drive, then wear leveling and TRIM will have more resources to work with, and therefore increase the SSD’s performance and extend its lifespan. But with a 120GB SSD, every gigabyte is precious, and wear leveling still has significantly fewer resources.
The last problem with FDE is specific to Sandforce drives. Sandforce controllers compress data before writes, which increases both the speed and reliability of the SSD. Encrypted data is effectively incompressible, which makes encrypted SSDs even slower than the benchmarks above would suggest.
Unfortunately all of these cons outweigh the security benefits of FDE compared to encrypted containers. I guess I’ll have to wait a few more years for FDE and SSD to mature.
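As an added illustration (not part of the original post), the script below shows why the two problems above compound each other: a zero-filled “empty” sector compresses to almost nothing, while the same sector after encryption is indistinguishable from random data and gains nothing from compression, so a controller that relies on compression or on recognising free space has nothing to work with. The hash-based counter-mode keystream is a constructed stand-in for a real cipher (it models only the "ciphertext looks random" property, not TrueCrypt's XTS-AES) so the script runs without a crypto library; the key and the sample sectors are constructed values.

```python
import hashlib
import zlib
from typing import Dict, Tuple

SECTOR = 4096  # 4 KiB, the I/O size the post's benchmarks single out

# Constructed demo key; a real disk key would come from the volume header.
KEY = b"constructed-demo-key-not-a-real-secret!!"

# Constructed sample sectors: an "empty" zero-filled sector and a sector of
# highly repetitive text, both of which a compressing controller would shrink.
EMPTY_SECTOR = bytes(SECTOR)
TEXT_SECTOR = (b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n" * 200)[:SECTOR]


def keystream_ctr(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in keystream: SHA-256(key || nonce || counter) blocks.

    Assumption: used only so the example runs offline without a crypto
    library. It reproduces the property that matters here (the output is
    indistinguishable from random bytes), not the real cipher TrueCrypt uses.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def encrypt_sector(key: bytes, sector_no: int, data: bytes) -> bytes:
    """XOR a sector with a per-sector keystream (sector number as the nonce).

    XOR is its own inverse, so the same call decrypts.
    """
    ks = keystream_ctr(key, sector_no.to_bytes(8, "big"), len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


def compression_ratio(data: bytes) -> float:
    """Compressed size divided by original size; 1.0 or more means no gain."""
    return len(zlib.compress(data, 9)) / len(data)


def compare(key: bytes, sector_no: int, plaintext: bytes) -> Tuple[float, float]:
    """Return (plaintext ratio, ciphertext ratio) for one sector."""
    ciphertext = encrypt_sector(key, sector_no, plaintext)
    return compression_ratio(plaintext), compression_ratio(ciphertext)


def demo() -> Dict[str, Tuple[float, float]]:
    """Ratios for both constructed sectors, keyed by a short label."""
    return {
        "empty": compare(KEY, 0, EMPTY_SECTOR),
        "text": compare(KEY, 1, TEXT_SECTOR),
    }


if __name__ == "__main__":
    for label, (plain, cipher) in demo().items():
        print(f"{label:>5} sector: plaintext compresses to {plain:.3f} of its size, "
              f"ciphertext to {cipher:.3f}")
```

The plaintext ratios land near zero for both sectors, while the ciphertext ratios sit slightly above 1.0: the compressed stream is a few bytes larger than the input because zlib falls back to stored blocks. That is the situation a Sandforce controller faces on every sector of an encrypted volume, including the ones the filesystem considers free.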

December 3, 2010 at 7:11 PM
Thanks for sharing, just the information I was searching for. Too bad about your conclusions. Peace!
December 3, 2010 at 7:31 PM
Since that post I’ve actually moved to a setup of 30GB encrypted partition, 80GB unencrypted, 10GB unallocated. It seems to fix the write penalty for sequential data. The 4KB penalties are about the same but only on the encrypted partition. I only encrypt the OS and some small programs (browsers) and user sensitive data.
December 3, 2010 at 8:57 PM
Are you sure it is really secure to only encrypt a partition of the SSD? “Due to security reasons, we recommend that TrueCrypt volumes are not created/stored on devices (or in file systems) that utilize a wear-leveling mechanism (and that TrueCrypt is not used to encrypt any portions of such devices or filesystems).” http://www.truecrypt.org/docs/?s=wear-leveling
December 3, 2010 at 9:31 PM
Wear leveling means when you overwrite a file, it might not be overwritten on disk. If it is already encrypted, there is no problem.
Encrypting only one partition does have its risks, but if you are careful not to install applications that save private data on the unencrypted partition, and use symlinks when required to move large files onto the data partition, it’s more than secure enough.
There are much weaker chains than encryption guarding your information. I mainly view encryption as a way to prevent nosy thieves from gaining access to my personal information.
February 17, 2011 at 5:18 PM
Hmm, what about just encrypting single files/folders? I.e., encrypting all of \windows and your user directory? (and possibly Program files)
(As well as your swap file, possibly. Or just disable it)
Just wondering what performance difference you’d see with file/folder encryption instead of FDE/partitions?
Was thinking of getting a new SF-2500 when it comes out once I build my Z68/67 sandy bridge box!
February 17, 2011 at 5:30 PM
If you’re encrypting that much stuff (user/program/windows files), you might just as well carve out a whole partition to encrypt. The performance penalty will be just as bad if not worse. TRIM might have more space to work with, but you’ll be past the region of diminishing returns.
February 23, 2011 at 9:45 PM
How does the overall “response” of your system feel, using the encrypted 30GB partition, as compared to a totally unencrypted system?
I was planning to partition 20GB for W7 (using 7customizer to slim the installation, remove pagefile, etc) and encrypt it, while leaving the remainder of the 120GB SSD drive for programs and games – unencrypted.
Would my large unencrypted partition perform at full SSD speed? (which is where all my applications, except browsers, would be installed)
February 23, 2011 at 9:51 PM
I have to say I don’t really notice a difference. Windows 7 is pretty well optimized regarding disk I/O.
I haven’t noticed any performance penalty on the unencrypted drive.
February 23, 2011 at 10:13 PM
Thank you for the blog and response. Would it be sensible to conclude your benchmarks for your unencrypted partition (D:) score similar to a totally unencrypted drive?
I was also wondering how important is that 10GB unallocated section you’re using. What is this for? My plan was 20GB and the rest partitioned to (D:), do you suggest against this?
February 23, 2011 at 10:52 PM
As far as I know, the benchmark scores are about the same. The 10GB (well, 7GB now) is a buffer, like the 8GB already reserved by the manufacturer. I read somewhere that after 15GB of reserved space you reach diminishing returns regarding TRIM. But the 8GB already reserved is probably enough.
March 24, 2011 at 10:55 AM
Would it have helped to use Truecrypt’s Quick Format option, which does not fill the entire disk with random data? The only downside of the Quick Format, as I understand, is that a snoop can see how much of the disk you’ve used — a non-issue for me.
March 24, 2011 at 11:16 AM
I don’t think that was an option when I tried it, but it should give you the same performance as a small encrypted partition. You are giving up quite a bit of security to do so (*), but as a precaution against nosy thieves it should be more than good enough.
* A large portion of data that was on the disk before encryption might still be there unencrypted due to wear-leveling, which means if by some strange occurrence your encryption password got dumped to the page file (it is supposed to be locked, but you’d never know) or hibernation file, it is possible that after encryption, your password will still exist in plaintext on the SSD until TRIM manages to clear those sectors.
May 26, 2011 at 2:51 AM
Hi,
excellent article! Just a question, if I were to do a full disk encryption with truecrypt 7.0a and then delete a partition to free disk space, would the wear-levelling then be able to utilize this free space? And if so, do you think 5-10% is enough for effective wear levelling?
Thanks in advance!
Best regards,
Matti
May 27, 2011 at 9:30 PM
If the operating system supports TRIM, it should notify the disk that the sectors are freed. 5-10% is plenty for wear-leveling, especially when you consider the space manufacturers have reserved already.
May 29, 2011 at 4:36 AM
Excellent, thanks! I am running Win7 professional, so that should be ok… Thanks again for the information!
Best regards,
Matti
August 20, 2011 at 3:37 PM
How would you restore the write speeds back to pre-full disk encryption?
August 20, 2011 at 5:24 PM
Most SSDs have a secure erase command. I use UBCD and use the erase disk utility that’s included.