Sign in with
Sign up | Sign in

Conclusion: AES-NI Preserves Performance Reserves

Protect Your Data! TrueCrypt 7.0a's Performance, Analyzed
By , Achim Roos

When it comes to a basic assessment of TrueCrypt, the benchmark results do not really matter that much. The open source program is a mature and highly recommended security solution that allows you to effortlessly encrypt partitions and hard drives, keeping files and folders on your computer safe. Regardless of whether you are running TrueCrypt on Windows, Mac OS, or Linux, the files selected by the user are encrypted using strong algorithms, at all times protected from access by unauthorized third parties.

Its versatility enabled even the previous TrueCrypt version 6.1 to stand out from competitors, such as BitLocker. It only lacked AES-NI support. This has now been taken care of in TrueCrypt 7.0a, finally making it our encryption tool of choice. We're even extending that recommendation to computers without hardware acceleration of AES. Compared to an unencrypted system, TrueCrypt encryption does affect system performance (as expected). But it in no way interferes with the user, and it doesn't demonstrate a performance impact that would be noticeable on a mainstream PC.

However, you should not install TrueCrypt by default if you are running a system that relies heavily on I/O (a database server, for example). Even if it can handle real-time encryption, the program cannot match the I/O performance and data throughput of an unencrypted system yet.

Exploiting the AES-NI instruction set is highly recommended if your computer is equipped with an Intel CPU that offers the feature. This includes the 32 nm Clarkdale-based processors, six-core Gulftown-based CPUs, and second-gen Core i5/i7 chips that center on Intel's Sandy Bridge architecture (Sandy Bridge-based Core i3s do not support AES-NI, unfortunately).

For simple encryption, the performance gain attributable to AES-NI is not that large compared to standard non-accelerated AES encryption. However, the CPU load drops significantly when the feature is active, giving the computer more power reserves and enabling even higher levels of security if necessary. AES-NI-compatible systems allow for more flexibility when setting up the encryption, and can handle a double encryption without any noticeable performance hit.

React To This Article