Version Information



Yüklə 5,12 Kb.
Pdf görüntüsü
səhifə49/130
tarix07.01.2024
ölçüsü5,12 Kb.
#205371
1   ...   45   46   47   48   49   50   51   52   ...   130
TrueCrypt User Guide

Pipelining 
When encrypting or decrypting data, TrueCrypt uses so-called pipelining (asynchronous 
processing). While an application is loading a portion of a file from a TrueCrypt-encrypted 
volume/drive, TrueCrypt is automatically decrypting it (in RAM). Thanks to pipelining, the 
application does not have wait for any portion of the file to be decrypted and it can start loading 
other portions of the file right away. The same applies to encryption when writing data to an 
encrypted volume/drive. 
Pipelining allows data to be read from and written to an encrypted drive as fast as if the drive was 
not encrypted (the same applies to file-hosted and partition-hosted TrueCrypt volumes).
*
Note: Pipelining was introduced in TrueCrypt 5.0 and it is implemented only in the Windows 
versions of TrueCrypt. 
*
Some solid-state drives compress data internally, which appears to increase the actual read/write speed when the data 
is compressible (for example, text files). However, encrypted data cannot be compressed (as it appears to consist solely 
of random "noise" without any compressible patterns). This may have various implications. For example, benchmarking 
software that reads or writes compressible data (such as sequences of zeroes) will report lower speeds on encrypted 
volumes than on unencrypted volumes (to avoid this, use benchmarking software that reads/writes random or other kinds 
of uncompressible data). 


64 
Hardware Acceleration 
 
Some processors (CPUs) support hardware-accelerated AES encryption,
*
 which is typically 4-8 
times faster than encryption performed by the purely software implementation on the same 
processors.
By default, TrueCrypt uses hardware-accelerated AES on computers that have a processor where 
the Intel AES-NI instructions are available. Specifically, TrueCrypt uses the AES-NI instructions 
that perform so-called AES rounds (i.e. the main portions of the AES algorithm).

TrueCrypt does 
not use any of the AES-NI instructions that perform key generation. 
Note: By default, TrueCrypt uses hardware-accelerated AES also when an encrypted Windows 
system is booting or resuming from hibernation (provided that the processor supports the Intel 
AES-NI instructions). 
To find out whether TrueCrypt can use hardware-accelerated AES on your computer, select 
Settings

Performance
and check the field labeled ‘
Processor (CPU) in this computer supports 
hardware acceleration for AES
’. 
To find out whether a processor you want to purchase supports the Intel AES-NI instructions (also 
called "AES New Instructions"), which TrueCrypt uses for hardware-accelerated AES, please 
check the documentation for the processor or contact the vendor/manufacturer. However, note that 
some Intel processors, which the Intel website lists as AES-NI-supporting, actually support the 
AES-NI instructions only with a Processor Configuration update. In such cases, you should contact 
the manufacturer of the motherboard/computer for a BIOS update that includes the latest 
Processor Configuration update for the processor. 
If you want to disable hardware acceleration of AES (e.g. because you want TrueCrypt to use only 
a fully open-source implementation of AES), you can do so by selecting
 Settings

Performance 
and disabling the option ‘
Accelerate AES encryption/decryption by using the AES instructions of 
the processor
’. Note that when this setting is changed, the operating system needs to be restarted 
to ensure that all TrueCrypt components internally perform the requested change of mode. Also 
note that when you create a TrueCrypt Rescue Disk, the state of this option is written to the 
Rescue Disk and used whenever you boot from it (affecting the pre-boot and initial boot phase). 
To create a new TrueCrypt Rescue Disk, select 
System

Create Rescue Disk

Note: Support for hardware acceleration was introduced in TrueCrypt 7.0. 
*
In this chapter, the word 'encryption' also refers to decryption. 

Those instructions are 
AESENC

AESENCLAST

AESDEC
, and 
AESDECLAST
and they perform the following AES 
transformations: 
ShiftRows

SubBytes

MixColumns

InvShiftRows

InvSubBytes

InvMixColumns
, and 
AddRoundKey
(for 
more details about these transformations, see [3]). 


65 

Yüklə 5,12 Kb.

Dostları ilə paylaş:
1   ...   45   46   47   48   49   50   51   52   ...   130




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin