Interested in how performance estimates can be done and what’s the theory behind it? You’re lucky: Here we go.
As a start we need some numbers to work with. We got them here by doing some benchmarks with a RAM disk and the Linux cryptsetup tool. Both tests report the maximum possible performance of each component.
However we’d like to know what values we can expect when combining those two.
Just for you to remember: Those are the values we got:
| cryptsetup | fio (/dev/ram0) | |
| Read / Decrypt [MB/s] | 1387 | 2664 |
| Write / Encrypt [MB/s] | 1432 | 2604 |
A little bit of theory
At that point the original article mentioned some back-of-the-envelope calculation, that I didn’t get at first, so I’ll try to explain that in a little more detail. What we did above is, we measured the throughput of two different queuing systems (kernel crypto and I/O performance). Now we’d like to know what a system doing both operations in sequence could achieve.
So we got the throughput of both queues when run independently. The corresponding latency is its inverse (1/throughput). And to get the total latency of our two operations, we add them up. And finally – to get the expected total throughput – we take the inverse of the total latency:
latencycrypto = 1 / throughputcrypto
latencyio = 1 / throughputio
latencytotal = latencycrypto + latencyio
throughputtotal = 1 / latencytotal
Some mathematics …
And once the magic is done we get
throughputtotal = (throughputcrypto * throughputio) / (throughputcrypto + throughputio)
…the final formula…
And filled with our values (data taken from “Write” operation)
throughputtotal = (1432*2604)/(1432+2604) = 924
Filled with our values
So the theoretical maximum of encrypted I/O is somewhere around 924 MB/s.