01 March 2012

In external devices, less encryption is better?

When you use a weak encryption thinking in speed port, can you fall in the error, for better data performance, use faster encryption algorithm and simple keys seems be the correct way, I think this isn't shrinks to reality.

In all wide-used operative systems today, the data between devices is transferred using DMA as transfer scheme, this method implies don't disturb the CPU between consecutive reads and dump to a buffer memory, this isolate the cpu from unwanted "attention needed" signals to cpu from device, this isolated cpu is idle at 100% of time, free for normal system use without any handycap related to read or write to device.

When you encrypt a external device memory, using trueCrypt or other "portable" encryption solutions, the application have two task to do... "read/write from device" and "encrypt/decrypt the data", this two tasks seems a serial actions, but it isn't valid with DMA's tecnology (and a really old tecnology now) in serial reads, when you copy a file or something "big" (a serie of data) the process is in paral.lel with DMA, encryption of next cluster and write current cluster can be done at same time, and the speed limit is in two points, disk access time and encryption/decryption speed.

If you device speed is 10Mb per second, you don't need to use a basic AES encryption, you can use Serpent-Twofish-AES in serial, with 60Mb per second, 6x times more speed than device itself. This is time don't used by the encryption software, sleeping, waiting for DMA inquiry. Why not use this hardware situation to protect more your data with more strong encryption algorithm without speed-down your data access?

Posted at BinaryCell

No comments:

Post a Comment

Disclaimer: In no event shall the blog owner, be liable for any damages, including without limitation, special, indirect or consequential damages, or any damages, whatsoever resulting from access or use, or inability to access or use this Website or arising out of any materials, information, qualifications or recommendations on this Website.