As you can format a LUKS volume with any filesystem you want, are certain filesystems better-suited to IO performance against an encrypted filesystem? Specifically, I’m wondering about a loop device with a file sitting on an
ext4 partition. As all data written to the filesystem is encrypted, do certain filesystems write less metadata or write it more efficiently? Would
ext3 perform better than
ext4 on an encrypted loopback filesystem?
I’ve been running LUKS encrypted filesystems for over a decade, with ext2/3/4, XFS, ZFS and maybe some other filesystems I’ve forgotten about. While I don’t have any benchmarks handy, I do have a few notes to share:
The only real performance issue you have with LUKS is the encryption and decryption itself. This introduces some latency to the process and has the potential to make disk I/O CPU-bound. On older systems without hardware AES acceleration on-chip, this was a significant issue. Today, as long as you have AES-NI in your processor and a kernel from this decade, it’s almost unnoticeable for moderate workloads. Better still if you have a recent (3.x+?) kernel which can do crypto in multiple kernel threads.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.