...
Performance Overhead Comparison (on Dom0)
Metric | No Encryption | fscrypt/e4crypt | eCryptfs | dm-crypt (LUKS) |
Read rate (MB/s) | 23.7 | 20.4 | 19 | 19.9 |
Write rate (MB/s) | 15.9 | 13.6 | 12.7 | 13.3 |
Read overhead % | 0 | 13.9% | 19.80% | 16.00% |
Write overhead % | 0 | 14.40% | 20.10% | 16.35% |
Performance Overhead Comparison (on DomU)
(On Advantech, CPU power became the bottleneck for running DomU, so the DomU tests were run on Supermicro instead.)
Metric | No Encryption | fscrypt/e4crypt | eCryptfs | dm-crypt (LUKS) |
Read rate (MB/s) | 15.4 | 15.2 | 12.3 | 13.8 |
Write rate (MB/s) | 10.3 | 10.1 | 8.19 | 9.19 |
Read overhead % | 0 | 1.20% | 20.10% | 10.30% |
Write overhead % | 0 | 1.90% | 20.40% | 10.70% |
EVE will use Native EXT4 encryption
...
If this downgrade behaviour is not acceptable, then we need to explore options for doing disk encryption with EXT4 native encryption on an EXT3 filesystem. However, the performance of fscrypt on an EXT3 filesystem is not as good as native encryption on EXT4.
STRIDE Threat Modelling
...
Spoofing
Spoofing here refers to gaining access to the encryption key by posing as a genuine device. By copying the X.509 certificate and the private key of a genuine device, one can make a request to fetch the master encryption key from the Cloud Controller. Once the encryption key is made available through this request, data stored on the original device can be decrypted at will. While it is not possible to spoof the identity of devices with a TPM (since the device certificate is rooted in the TPM), devices without a TPM have this vulnerability. We can mitigate the impact by periodically rotating the master encryption key, or by providing an option to change the master encryption key for a given edge device through a configuration change from the Controller.
...