Jump to content



Photo

SSD and Drive Encryption


  • Please log in to reply
19 replies to this topic

#1 garethevans1986

garethevans1986

    Neowinian

  • Joined: 01-April 04
  • Location: Gogledd Cymru / North Wales

Posted 09 December 2013 - 10:29

All,

 

My current laptop I use for work holds clients data on so I've got the drive encrypted using TrueCrypt. I'm looking to swap the HDD with an SSD to see if this will improve performance but still want to encrypt the disk - so I was wondering whether anybody else has done the same and had problems before?

 

The SSD I've purchased is http://www.ebuyer.co...dssdhp-256g-g25

 

If I can't use it in the laptop then it'll go in my workstation in the office instead :)

 

Thanks

GE




#2 articuno1au

articuno1au

    Neowinian Senior

  • Tech Issues Solved: 2
  • Joined: 20-March 11
  • Location: Brisbane, Australia

Posted 09 December 2013 - 11:18

It can be done. Depending on the processor in the computer, it should keep up comfortably, but if you have something really slow you might see a bottleneck.

 

SSDs are no different to an OS than a HDD. You have nothing to worry about here :)



#3 Torolol

Torolol

  • Joined: 24-November 12

Posted 09 December 2013 - 11:33

but you might not want to change the encryption key too often,
as it would means more massive re-writing to the SSD,
and that could easily depletes the SSD's over-provisioning
especially if theres much data that need to re-encrypted.

#4 OP garethevans1986

garethevans1986

    Neowinian

  • Joined: 01-April 04
  • Location: Gogledd Cymru / North Wales

Posted 09 December 2013 - 12:07

but you might not want to change the encryption key too often,
as it would means more massive re-writing to the SSD,
and that could easily depletes the SSD's over-provisioning
especially if theres much data that need to re-encrypted.

 

This is my main concern at the moment, too much writing to disk will kill the drive quicker....especially if the rest of the unused space on the drive is filled too.

 

Thanks

GE



#5 articuno1au

articuno1au

    Neowinian Senior

  • Tech Issues Solved: 2
  • Joined: 20-March 11
  • Location: Brisbane, Australia

Posted 09 December 2013 - 12:12

This is my main concern at the moment, too much writing to disk will kill the drive quicker....especially if the rest of the unused space on the drive is filled too.

 

Thanks

GE

Yeah, but that's part of a disks life cycle. Honestly, completely writing the disk for a full drive encryption, then changing the key will, at most, take 3 write cycles.

 

That's not enough to worry the disk. Also, the disk is designed to deal with that, so it won't actually write all over the disk.

 

Don't worry about the number of writes, it won't effect you unless you are repeatedly writing all over it. Just do it and keep an eye on the smart read outs if you are concerned.

 

I've abused the hell out of a Vertex 2 for years, no issues at all. Doing it to a Vertex 4 now, same answer :)



#6 +Odom

Odom

    Neowinian Senior

  • Tech Issues Solved: 1
  • Joined: 09-August 06

Posted 09 December 2013 - 14:08

What articuno1au said (Y)

 

Unless you write 10GB of data more than a few times a day, every day of a year, don't worry about the life-cycle of the SSD.



#7 Jason S.

Jason S.

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 01-September 03
  • Location: Cleveland, Ohio

Posted 09 December 2013 - 14:16

i use encryption on my work laptop that has an SSD. i see no performance degradation. works just fine.



#8 +snaphat (Myles Landwehr)

snaphat (Myles Landwehr)

    Electrical & Computer Engineer

  • Tech Issues Solved: 29
  • Joined: 23-August 05
  • OS: Win/Lin/Bsd/Osx
  • Phone: dumb phone

Posted 10 December 2013 - 01:08

Until two months ago, I used Truecrypt to encrypt both my laptop and work PCs (with SSDs) (this was probably for a period of 2 years in total). The only issues I had were as follows:

  1. It can take time to start from hibernation because it has to decrypt the stored hibernation files. This is MUCH slower than just booting up from shutdown (possibly 3-5 minutes). Keep in mind laptop had no hardware AES instruction support, and that might make a difference.
  2. Windows won't be able to do an update with an encrypted boot drive. I had to reverse the decryption to upgrade from Windows 8 to 8.1. Which brings me to number 3...
  3. If there is some sort of corruption, this could leave your drive unable to be decrypted completely. I had to completely clobber my work PC drive because after my drive was ~95% decrypted, it BSOD'd and would BSOD if I tried to continue the decryption process from then on*. 

* Note: It was also not possible to chkdsk/scan to repair the drive either because that would cause Truecrypt to try to decrypt the corrupted data and result in a BSOD (this shouldn't come as a surprise). I could still boot and run the OS, presumably, fine even with the corruption.



#9 primexx

primexx

    Neowinian Senior

  • Tech Issues Solved: 6
  • Joined: 24-April 05

Posted 10 December 2013 - 01:15

don't use TrueCrypt or software encryption on SSDs. They're already encrypted you just have to set an ATA password for the drive in BIOS. It didn't do #### for HDDs because HDDs aren't by themselves already encrypted, but with SSDs the ATA password is used to encrypt the encryption key that is used to encrypt the actual SSD itself by default. This way you don't suffer any performance or wear hits at all because the drive is doing exactly what it would have done anyway.



#10 +snaphat (Myles Landwehr)

snaphat (Myles Landwehr)

    Electrical & Computer Engineer

  • Tech Issues Solved: 29
  • Joined: 23-August 05
  • OS: Win/Lin/Bsd/Osx
  • Phone: dumb phone

Posted 10 December 2013 - 01:21

don't use TrueCrypt or software encryption on SSDs. They're already encrypted you just have to set an ATA password for the drive in BIOS.

 

Good point, the problem I had with my laptop (and work PC) is that neither supported this feature which was the only reason I rolled Truecrypt instead.

 

EDIT: Ack, I just checked in the middle of my post and it appears the OPs drive doesn't have built in encryption!



#11 primexx

primexx

    Neowinian Senior

  • Tech Issues Solved: 6
  • Joined: 24-April 05

Posted 10 December 2013 - 01:21

Good point, the problem I had with my laptop (and work PC) is that neither supported this feature which was the only reason I rolled Truecrypt instead.

 

EDIT: Ack, I just checked in the middle of my post and it appears the OPs drive doesn't have built in encryption!

 

oh, well that's news to me... and sucks for OP i guess.



#12 +snaphat (Myles Landwehr)

snaphat (Myles Landwehr)

    Electrical & Computer Engineer

  • Tech Issues Solved: 29
  • Joined: 23-August 05
  • OS: Win/Lin/Bsd/Osx
  • Phone: dumb phone

Posted 10 December 2013 - 01:28

oh, well that's news to me... and sucks for OP i guess.

 

I had completely forgotten that THAT was the issue with my Intel x25-m and not the laptop itself until you mentioned the drive encryption. I honestly wasn't even aware they were still making drives that weren't encrypted. I hope the evo 840 i just bought is...



#13 primexx

primexx

    Neowinian Senior

  • Tech Issues Solved: 6
  • Joined: 24-April 05

Posted 10 December 2013 - 01:47

I had completely forgotten that THAT was the issue with my Intel x25-m and not the laptop itself until you mentioned the drive encryption. I honestly wasn't even aware they were still making drives that weren't encrypted. I hope the evo 840 i just bought is...

 

the evo is.



#14 T3X4S

T3X4S

    Neowinian

  • Tech Issues Solved: 1
  • Joined: 28-October 13

Posted 10 December 2013 - 01:51

Is worrying about disk rewrites as dumb as arguing over which thermal paste to use ?

Are we fretting over shaving a year off of a 75 year life span ?

Somethings that are geek-raged over are a little silly like the difference in 2 degrees in thermal paste, or that an SSD with 1.5 million hours MTBF "sucks compared to 2 million MTBF"

 

Im asking not mocking.



#15 primexx

primexx

    Neowinian Senior

  • Tech Issues Solved: 6
  • Joined: 24-April 05

Posted 10 December 2013 - 01:54

Is worrying about disk rewrites as dumb as arguing over which thermal paste to use ?

Are we fretting over shaving a year off of a 75 year life span ?

Somethings that are geek-raged over are a little silly like the difference in 2 degrees in thermal paste, or that an SSD with 1.5 million hours MTBF "sucks compared to 2 million MTBF"

 

Im asking not mocking.

 

more like 10-25 years at really high write rates. which is still wayy more than the vast majority of people will ever use before upgrading (or failure, i guess, the flash cells probably have much longer lifespans than every other component in the drive).





Click here to login or here to register to remove this ad, it's free!