{"id":349,"date":"2024-07-24T09:05:01","date_gmt":"2024-07-24T07:05:01","guid":{"rendered":"https:\/\/www.diskigo.com\/blog\/?p=349"},"modified":"2024-07-24T09:14:39","modified_gmt":"2024-07-24T07:14:39","slug":"aes-xts-dans-le-noyau-linux-6-10","status":"publish","type":"post","link":"https:\/\/www.diskigo.com\/blog\/aes-xts-dans-le-noyau-linux-6-10\/","title":{"rendered":"AES-XTS dans le noyau Linux 6.10"},"content":{"rendered":"

Le noyau Linux 6.10 vient d’\u00eatre publi\u00e9<\/a>, int\u00e9grant des am\u00e9liorations significatives gr\u00e2ce au travail d’Eric Biggers<\/a>, qui a optimis\u00e9 les performances de l’algorithme de chiffrement AES. Cet algorithme, notamment dans son mode d’op\u00e9ration AES-XTS<\/a>, est utilis\u00e9 pour chiffrer les disques durs via le standard LUKS (Linux Unified Key Setup) et l’outil cryptsetup<\/a>.<\/p>\n

LUKS<\/a>, cr\u00e9\u00e9 par Clemens Fruhwirth, est le standard de chiffrement de disque associ\u00e9 au noyau Linux. Il permet de chiffrer l’int\u00e9gralit\u00e9 d’un disque de mani\u00e8re \u00e0 ce qu’il soit utilisable sur diverses plates-formes et distributions Linux, voire d’autres syst\u00e8mes d’exploitation. LUKS supporte des mots de passe multiples, permettant \u00e0 plusieurs utilisateurs de d\u00e9chiffrer le m\u00eame volume sans partager leur mot de passe. Sous Linux, cryptsetup est l’impl\u00e9mentation de r\u00e9f\u00e9rence de LUKS, utilisant dm-crypt pour le chiffrement des volumes.<\/p>\n

Avec l’av\u00e8nement des disques SSD, le d\u00e9bit de donn\u00e9es est crucial, rendant les performances des primitives cryptographiques du noyau essentielles pour \u00e9viter tout ralentissement. Curieux de constater les r\u00e9sultats des optimisations d’Eric Biggers, j’ai effectu\u00e9 des benchmarks avec le noyau 6.9.10 (ancienne version) et le noyau 6.10 (nouvelle version) sur un laptop \u00e9quip\u00e9 d’un Intel Alder Lake i7-1260p. Voici les r\u00e9sultats :<\/p>\n

\"cryptsetup<\/a>
cryptsetup Benchmark 1<\/figcaption><\/figure>\n
\"cryptsetup<\/a>
cryptsetup Benchmark 2<\/figcaption><\/figure>\n

Les r\u00e9sultats des benchmarks montrent une am\u00e9lioration significative des performances de l’algorithme AES-XTS 256 bits, passant d’environ 4670 MiB\/s \u00e0 7870 MiB\/s, soit une progression impressionnante de 68%<\/strong>.<\/p>\n

Ce gain de performance exceptionnel n’est pas courant et permet d\u00e9sormais d’utiliser le chiffrement de votre disque dur sous Linux sans sacrifier les performances. Gr\u00e2ce \u00e0 ces optimisations, le chiffrement AES-XTS 256 bits offre une s\u00e9curit\u00e9 renforc\u00e9e tout en maintenant une vitesse de traitement \u00e9lev\u00e9e.<\/p>\n","protected":false},"excerpt":{"rendered":"

Le noyau Linux 6.10 vient d’\u00eatre publi\u00e9, int\u00e9grant des am\u00e9liorations significatives gr\u00e2ce au travail d’Eric Biggers, qui a optimis\u00e9 les performances de l’algorithme de chiffrement AES. Cet algorithme, notamment dans son mode d’op\u00e9ration AES-XTS, est utilis\u00e9 pour chiffrer les disques durs via le standard LUKS (Linux Unified Key Setup) et l’outil cryptsetup. LUKS, cr\u00e9\u00e9 par […]<\/p>\n","protected":false},"author":1,"featured_media":352,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[25],"tags":[40,35,37],"class_list":["post-349","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-logiciels","tag-chiffrement","tag-linux","tag-securite"],"_links":{"self":[{"href":"https:\/\/www.diskigo.com\/blog\/wp-json\/wp\/v2\/posts\/349","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.diskigo.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.diskigo.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.diskigo.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.diskigo.com\/blog\/wp-json\/wp\/v2\/comments?post=349"}],"version-history":[{"count":4,"href":"https:\/\/www.diskigo.com\/blog\/wp-json\/wp\/v2\/posts\/349\/revisions"}],"predecessor-version":[{"id":362,"href":"https:\/\/www.diskigo.com\/blog\/wp-json\/wp\/v2\/posts\/349\/revisions\/362"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.diskigo.com\/blog\/wp-json\/wp\/v2\/media\/352"}],"wp:attachment":[{"href":"https:\/\/www.diskigo.com\/blog\/wp-json\/wp\/v2\/media?parent=349"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.diskigo.com\/blog\/wp-json\/wp\/v2\/categories?post=349"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.diskigo.com\/blog\/wp-json\/wp\/v2\/tags?post=349"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}