TrueCrypt: Free, On-the-Fly Disk Encryption - Performance, Security
(Page 3 of 4 )
TrueCrypt implements two significant software development practices that certainly improve performance and the way data gets crunched. Parallelization is the first one; it basically gets the most out of multi-core processors by using multi-threading execution. The data is split and deployed to all of the cores, so each works its share.
Another development trick is called pipelining. This kind of execution allows the data to be worked on prior to causing a performance hit (such as a lag or delay). In short, pipelining is asynchronous execution. This means loading stuff that's going to be required into the RAM (filling up the "pipes" in some sort of fashion), allowing the tasks to be carried out in such a way that the application (that required the encrypted data) does not halt.
However, we need to realize that no encryption algorithm can ever be as fast as direct data accessing and execution in native form. There is no ideal algorithm that can do that, since it takes clock cycles to encrypt and decrypt the data, it takes system resources to load them up (from place A to place B), and the entire process of inter-exchanging data also takes time. Therefore, there is a hit on performance, as expected.
But when all of the factors come into play, encryption does offer so many benefits that usually, especially in the case of business workstations, the small reduction in performance is worth it. Consider mobile notebooks, EEPCs, BlackBerries, optical discs, external HDDs, thumb drives, or any sort of storage medium that can get compromised. Businesses keep important data in these media, not just silly IM chat logs. The performance hit is usually unnoticeable in everyday usage.
In the case of modern machines (especially since most notebooks are also based on multi-core processor technologies and with large L2 caches), the performance hit can only be proven by using benchmarking utilities and applications that do "raw tests" on encrypted disk volumes such as writing/reading sequentially and randomly. This way, yes; when the results get organized into fancy charts, there is a noticeable difference.
We can affirm without any doubt that any company or firm that understands the risks involved in being careless is going to use and implement some sort of encryption framework into their infrastructure. Whether they use TrueCrypt or some other competitive software is quite irrelevant; the bottom line is that, even though by raw numbers there is some sort of slight performance penalty, it does not keep employees from being productive.
In terms of security, TrueCrypt's renowned function is the capability to provide partitions (that may or may not contain operating systems) that are not only encrypted, but also hidden. The way all of this happens provides some sort of plausible deniability for the fact that there is any kind of data encrypted. It's a tricky concept, but it's possible, since there is no way to prove encryption physically (there are no traces or headers left).
This goes a long way, and there are always long discussions with hundreds of arguments, since some tools can prove with a reasonable suspicion the existence of such a hidden encrypted volume. These are all areas which computer forensics really gets into. But "reasonable suspicion" isn't physical proof, just high probability.
As for getting the actual data in an unencrypted shape, it is impossible if the user practiced all of the good security habits, the overall security of the machine wasn't compromised (running unauthorized executables under administrator rights that may act as keyloggers or rootkits to tamper with MBR), and if strong passwords/keys were chosen -- and of course the user is not forced to reveal the password(s) by adversary forces.
KEITHLEE2/home/servers/www.devhardware.com/www/zdeconfigurator/configs/INFUSIONSOFT_OVERLAY.php/home/servers/www.devhardware.com/www/zdeconfigurator/configs/ OFFLOADING INFUSIONSOFTLOADING INFUSIONSOFT 1debug:overlay status: OFF overlay not displayed overlay cookie defined: TI_CAMPAIGN_1012_D OVERLAY COOKIE set: status off