I just bite the bullet and go with LUKS. XTS is pretty quick.
Mason Sanchez
Maybe in a few decades we'll have fully homomorphic encryption built into operating systems. The demand is already there with cloud systems.
Nathaniel Brown
Only makes sense when the computing provider isn't trustworthy (aka cloud computing). I really hope homomorphic encryption becomes popular and cheap but it's useless for computing on trusted hardware.
Brayden Wilson
You have to be autistic to notice a performance loss with AES
>600 MB/s instead of 700 MB/s
>how will I cope
Wyatt Fisher
MB/s If that's your actual AES throughput you have a shitty CPU. With the hardware AES stuff you are in the GB/s.
Joshua Rodriguez
No user those numbers are for SSD read speeds before and after.
Dylan Flores
Yes? And I was telling the idiot that there won't be a CPU bottleneck unless they are using a piece of hardware without hardware AES units.
Might be a bit different for random IO though, since I think it needs to set up the AES engine more often then, and that could indeed be a limiting factor.
Zachary Kelly
Theft, nigga
>15% reduction in throughput
>You have to be autistic
Tyler Barnes
Doesn't hardware encryption have backdoors in it?
Luke Moore
Yes you lose performance if you use software encryption.
Liam Russell
use ssd hardware encryption
Adrian Hernandez
Yeah I'll notice when I'm trying to access terabytes of trap porn as fast as possible.
Lucas Powell
>Theft, nigga
Are you actually this dense? Unless you want to protect against coldboot like attacks, this is just inane.
And if your target is actual coldboot like attacks, you can't do anything with the data you are doing your homomorphic encryption on.
And let's not start talking about the CPU and memory overhead of any currently possible implementation.
Brody Ross
>backdoored shit
i'd rather have no encryption
Michael Sanders
This is a problem I actually have
Ayden Butler
>i'd rather have no encryption
that's not very logical. It's hard to say if it's backdoored, probably not. They are selling this to corporations and a backdoor would be a big shitshow. Unless you're a terrorist it's not going to matter because nobody is going to use a secret backdoor to catch you.
Jaxon Hall
Tldr: don't listen to the nocrypt niggers in this thread
SSDs are very hard to wipe properly so often the ONLY solution is to write encrypted data and nothing else. You'll never notice the difference in performance with AES stop being retarded.
Jaxson Rodriguez
The super common samsung ssds are advertised as hw encrypting but there is seemingly no way to actually change the keys with most consumer soft/hardware afaik. Does anyone actually know how to use that crap?
Justin Cox
it wouldn't be, it would be just a "hack" or security hole which would be patched quick after its public release, the makers of hdd/ssd would just say that they were hacked (probably by russians or something) and shit happens
Jackson Roberts
Don't use hw encryption on drives. IIRC the keys are saved at the factory in case law enforcement want them. Not being able to modify how it works is intentional.
Juan Phillips
um you are encouraged to change the key, that's how ssd secure erase works in fact
Liam Hughes
(((secure)))
James Hernandez
you cannot access the mechanism responsible for generating and storing of master keys. I do not exactly know how hardware encryption works on popular drives but who is to say that the copy of generated key is not stored somewhere on a drm chip or that the actual keys are secure and unbreakable? are master keys even generated at all? it could be the case that secure erase is basically just deleting the internal file table/block structure, or just making a new table elsewhere on the ssd, so while dumping the whole ssd on your win laptop will only give you old encrypted raw data, with specialist hardware it may be possible to recover all sectors including the old table of internal structure. anyway, there are tons of possibilities how hardware encryption and "secure erase" could be compromised by drive manufacturers
Camden Fisher
hardware reverse engineering is not outside the realm of corporations. I think it would have leaked by now. Anyway worrying about ssd encryption is pretty pointless when you have a blackbox ME running on your cpu (or amd's equivalent)...
Jason Gutierrez
>using any non-thermite method for secure erase
>taking a hardware manufacturer's word on anything
Daniel Perry
The real problem is trim. If you want to hide empty space, you have to fill it with random data. But if you do that, you can't trim it or mark the blocks as unused. This is a negative for wear leveling and life span of the drive.
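
Added example, not part of the original post: a sketch of what the raw device reveals when an encrypted volume passes TRIM through, compared with one whose free space was pre-filled with random data. It assumes the drive returns zeros for trimmed blocks and a 4096-byte block size; the sample images are constructed in memory, with `os.urandom` standing in for ciphertext.

```python
import os

BLOCK = 4096  # assumed block size for this illustration


def classify_blocks(raw: bytes, block: int = BLOCK) -> list[bool]:
    """Return True for each block holding data, False for all-zero (trimmed)."""
    zero = bytes(block)
    return [raw[i:i + block] != zero for i in range(0, len(raw), block)]


def usage_report(raw: bytes, block: int = BLOCK) -> dict:
    """Summarise what is visible without the key: count and layout of used blocks."""
    used = classify_blocks(raw, block)
    extents = []  # (start_block, length) runs of in-use blocks
    start = None
    for idx, in_use in enumerate(used + [False]):  # sentinel closes the last run
        if in_use and start is None:
            start = idx
        elif not in_use and start is not None:
            extents.append((start, idx - start))
            start = None
    return {"blocks": len(used), "in_use": sum(used), "extents": extents}


def build_image(layout: str, block: int = BLOCK) -> bytes:
    """Constructed sample: 'E' = ciphertext stand-in (random), 'T' = trimmed (zeros)."""
    return b"".join(os.urandom(block) if c == "E" else bytes(block) for c in layout)


# Constructed images: one with discards passed through, one fully random-filled.
TRIMMED = build_image("EETTTEEETTTTTTET")
FILLED = build_image("E" * 16)

if __name__ == "__main__":
    print("with trim:   ", usage_report(TRIMMED))
    print("random fill: ", usage_report(FILLED))
```

With trim enabled the report exposes how much of the volume is in use and where; with random fill every block looks the same, at the cost to wear leveling the post describes.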
Sebastian Lewis
Also this. SSDs tend to have hidden blocks which are used to replace any bad blocks and are used in wear leveling. These blocks are not normally accessible by anything the device is attached to, as they are only used internally. These blocks could hold important information which could be telling.
Logan Cook
why would they do that? they are 'assured' by drive manufacturers that their encryption is good, if it gets hacked big time they will sue or claim insurance, if they deal with western governments (and most do) then that would be like shooting your corporation in the foot, guberment is good and is protecting corporations using various methods (installing government backdoor to 'protect' citizens is one of them)