You are not logged in.

#1 2018-07-28 18:36:33

LeftyAce
Member
Registered: 2012-08-18
Posts: 140

[solved] SSD Trim and full disk encryption (dm-crypt+luks)

Hi all,

I'm about to buy an SSD (probably this one unless there are good reasons to pick another one).

I plan to run full disk encryption (dm-crypt + luks), and I have some questions:

For a spinning disk, the correct procedure is to fill the drive with random noise first, so that it's impossible to tell which regions actually contain encrypted data.
If I enable periodic TRIM for the SSD, will that eliminate the benefit of filling the drive with random data? Does TRIM mean that unallocated portions of the SSD are exposed as being empty? In that case, if I decide to run periodic TRIM on my encrypted drive, pre-filling with random noise is a waste of time, right?

According to the wiki, enabling TRIM on a dm-crypt volume "could expose the type of filesystem in use" (see here )
Based on an (old) article linked from the wiki, TRIM can give a ~ 40% speed boost, so to me it seems like that's a good trade if the only consequence is that it leaks the fact that I'm using ext4.

But I'm seeing some comments on the forums that TRIM isn't needed on a "modern" SSD (see: here and here).

So, am I interpreting the interaction between TRIM and dmcrypt correctly? And what's the story on TRIM and "modern" SSDs?

-Lefty

Last edited by LeftyAce (2018-08-11 21:13:41)

Offline

#2 2018-07-29 20:44:18

R00KIE
Forum Moderator
From: Between a computer and a chair
Registered: 2008-09-14
Posts: 4,734

Re: [solved] SSD Trim and full disk encryption (dm-crypt+luks)

Yes, if you use trim it's a waste of time to fill the ssd with random data, and if you do use trim then it will expose which areas of the disk had files erased. The big question here is why you want to use encryption, is it to thwart the random thief or are you trying to go against well funded adversaries?

Regarding using trim or not, personally I would still enable it, even if modern ssds don't slow down as much when full (or not trimmed) I don't see any reason why you should not help the ssd by telling it which areas don't have important data anymore. How you enable it (discard mount option / periodic fstrim) is up to you. I leave the research about the pros and cons of each as homework wink


R00KIE
Tm90aGluZyB0byBzZWUgaGVyZSwgbW92ZSBhbG9uZy4K

Offline

#3 2018-07-29 23:31:24

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 16,214

Re: [solved] SSD Trim and full disk encryption (dm-crypt+luks)

Also, this sent me off on a bit of research.  It is not clear to me that encrypted data would not be indistinguishable from truly random data.  It appears that the entropy of the encrypted data may be less than that of random data -- in other words, there may be some structure in the encrypted data, and the extent of the structure would be a function of the effective key strength.  I am not a cryptanalyst,  but I think it might be possible to distinguish "Random" data from encrypted data.  Just pondering in public.


Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

Offline

#4 2018-07-30 21:05:20

R00KIE
Forum Moderator
From: Between a computer and a chair
Registered: 2008-09-14
Posts: 4,734

Re: [solved] SSD Trim and full disk encryption (dm-crypt+luks)

As long as there is an header that can be used to be 100% sure that encryption is being used there is no point in discussing how random the encrypted data looks smile


R00KIE
Tm90aGluZyB0byBzZWUgaGVyZSwgbW92ZSBhbG9uZy4K

Offline

#5 2018-07-31 05:30:16

LeftyAce
Member
Registered: 2012-08-18
Posts: 140

Re: [solved] SSD Trim and full disk encryption (dm-crypt+luks)

Thanks everyone. If the only "problem" with TRIM is that it reveals where the encrypted data is (and doesn't make it any easier to break), I'm ok with that. As R00KIE said, the LUKS header kills any hope of plausible deniability.

All I'm protecting is personal financial info, etc. I'm interested in thwarting a random thief. Well-funded adversaries (gov't agencies) already have access to the stuff I'm protecting (through subpoenas to my bank, etc).

Offline

#6 2018-08-11 17:50:51

LeftyAce
Member
Registered: 2012-08-18
Posts: 140

Re: [solved] SSD Trim and full disk encryption (dm-crypt+luks)

Ok, a follow-up question:

Per the nvme section of the wiki,

Note: Although continuous TRIM is an option (albeit not recommended) for SSDs, NVMe devices should not be issued discards.
Intel, as one device manufacturer, recommends not to enable discards at the filesystem level, but suggests the periodic TRIM method...

What is the difference between "enabling discards" and "periodic TRIM"? I understand that periodic trim is not happening continuously, but does dm-crypt block periodic trim by default also? Do I have to enable discards in order for periodic trim to work? And is periodic trim different from "issuing discards" to an NVMe device?

Offline

#7 2018-08-11 20:11:14

R00KIE
Forum Moderator
From: Between a computer and a chair
Registered: 2008-09-14
Posts: 4,734

Re: [solved] SSD Trim and full disk encryption (dm-crypt+luks)


R00KIE
Tm90aGluZyB0byBzZWUgaGVyZSwgbW92ZSBhbG9uZy4K

Offline

#8 2018-08-11 21:13:22

LeftyAce
Member
Registered: 2012-08-18
Posts: 140

Re: [solved] SSD Trim and full disk encryption (dm-crypt+luks)

Thank you R00KIE. I'd stared at that page but it didn't click. The two table headers "Continuous TRIM (discard option)" and "Periodic TRIM (fstrim)" make it clear that they are two different things. I've enabled periodic fstrim. Marking this as [solved].

Offline

Board footer

Powered by FluxBB