Page 1 of 1

PI3 for file encryption solution

Posted: Fri Mar 25, 2016 11:12 am
by Unforgiven11
Hi,

atm I'm running an file server based on Ubuntu with file encryption via luks/dm-crypt for the data hdd. The idea behind it is to have a good security in the case that the server or hdd is stolen.

Now I'm considering using a raspberry pi 3 for this task. Can someone please run the following code on a rpi3?

Code: Select all

cryptsetup benchmark


Besides this way, does it make sense to use owncloud with the encryption app for my task instead?

Best regards

Re: PI3 for file encryption solution

Posted: Fri Mar 25, 2016 6:17 pm
by cjdawson
Here's the results from my PI 3.

# Tests are approximate using memory only (no storage IO).
PBKDF2-sha1 152409 iterations per second
PBKDF2-sha256 100824 iterations per second
PBKDF2-sha512 21700 iterations per second
PBKDF2-ripemd160 139438 iterations per second
PBKDF2-whirlpool 10604 iterations per second
# Algorithm | Key | Encryption | Decryption
aes-cbc 128b 26.5 MiB/s 29.3 MiB/s
serpent-cbc 128b N/A N/A
twofish-cbc 128b N/A N/A
aes-cbc 256b 21.8 MiB/s 23.0 MiB/s
serpent-cbc 256b N/A N/A
twofish-cbc 256b N/A N/A
aes-xts 256b 28.4 MiB/s 28.6 MiB/s
serpent-xts 256b N/A N/A
twofish-xts 256b N/A N/A
aes-xts 512b 22.9 MiB/s 22.5 MiB/s
serpent-xts 512b N/A N/A
twofish-xts 512b N/A N/A

Re: PI3 for file encryption solution

Posted: Sat Mar 26, 2016 9:05 am
by Unforgiven11
Thank you cjdawson,

did you have to do some extra work i.e. compile special kernel/modules or so to get it running or just installed cryptsetup?

What do you think in general about what I plan to do? Does it make sense? The encrypted HDD will be connected by USB.

Regards

Re: PI3 for file encryption solution

Posted: Sun Apr 03, 2016 5:39 pm
by Unforgiven11
Could someone please run the following commands on an attached usb-storage to test the speed and post the results for an pi3?

Code: Select all

dd if=/dev/zero of=tempfile bs=1M count=1024 conv=fdatasync,notrunc 
echo 3 | sudo tee /proc/sys/vm/drop_caches 
dd if=tempfile of=/dev/null bs=1M count=1024 
dd if=tempfile of=/dev/null bs=1M count=1024 
rm tempfile