[Novalug] Encryption, modern SSDs, and TRIM

Roger W. Broseus rogerb@bronord.com
Sat Sep 29 17:09:47 EDT 2012


Think about changing horses and encrypting partitions with eCryptfs

       http://tinyurl.com/9jo7orn

--
Roger W. Broseus - Linux User
     Email: RogerB@bronord.com
     Web Site: www.bronord.com
     Updated summer 2012 -- pics from travels

On 09/28/2012 07:33 PM, novalug-request@calypso.tux.org wrote:
> -----Original Message-----
> From: Jason van Gumster <jason@handturkeystudios.com>
> Sender: novalug-bounces@calypso.tux.org
> Date: Fri, 28 Sep 2012 18:00:28
> To: NOVALUG<novalug@calypso.tux.org>
> Subject: [Novalug] Encryption, modern SSDs, and TRIM
>
> So I'm in the midst of setting up a new laptop and it's the first time that
> I've really had to do anything with SSDs. This machine actually has two drives:
> an SSD meant for system files and a moving-parts drive intended for data. I've
> gotten into the habit of doing full system encryption on my laptops with
> dmcrypt+LUKS, but after some research, it's my understanding that the way SSDs
> behave presents an interesting dilemma when it comes to encryption.
>
> Specifically speaking, modern SSDs implement TRIM as a measure for aiding
> garbage collection (little background for anyone who doesn't know: SSDs are -
> or have traditionally been - slower at overwriting data than writing to empty
> cells. TRIM works in the background to take cells that are marked as deleted
> and clear them in an effort to maintain speedy write performance. TRIM is
> supported in ext4 and btrfs). This is great for the performance and service life
> of the SSD, but it poses a problem when it comes to encryption. Recommended
> encryption procedure is to fill the disk with random data so that would-be data
> thieves cannot differentiate between real data and noise on an encrypted disk.
> TRIM effectively circumvents this. Even if you start with random data,
> eventually, it's going to be pretty easy to tell the difference between real
> data and empty space. The data's still encrypted, but one layer of security is
> effectively stripped away.
>
> So as far as I can tell, I'm faced with the following options:
>
>    a) Encrypt and keep TRIM enabled - I keep relatively good disk performance
>         and lifetime at the expense of losing a little bit of obscurity about
>         the nature of my filesystem.
>
>    2) Encrypt and disable TRIM - I get good security at the potential expense
>         of reduced performance and drive life. I say "potential" because getting
>         good data on modern SSDs is really difficult. I've read conflicting
>         reports of users simply treating modern SSDs as they would physical
>         disks without much ill effect. The argument in this case is that TRIM
>         was implemented when SSDs sucked a lot more; now they apparently suck
>         less. But most of that is anecdotal. Finding quantitative data to back
>         that assertion up is tough.
>
>    iii) Skip encrypting the SSD and just encrypt the data disk - This is the
>         logical next solution. The only difficulty here is that user data
>         doesn't always live only in /home anymore. Data (or meta-data) is
>         shuffled around to /tmp, /var, and swap fairly often. Now, some of this
>         is navigable (swap file instead of swap partition, tmpfs instead of
>         physical /tmp, etc.)... but not all of it.
>
> Anyhow... that's my rambling diatribe of a dilemma. If you've actually taken
> the time to read this far, I really appreciate it (and apologize profusely). Any
> feedback/suggestion/alternative options would be greatly appreciated. Also,
> feel free to point out any inaccuracies or points I may have missed.
>
> Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.firemountain.net/pipermail/novalug/attachments/20120929/f50f4540/attachment.htm>


More information about the Novalug mailing list