Back in October of 2023, testing found that the default software BitLocker encryption on Windows was responsible for causing significant performance hit on SSDs. The tested drive was a Samsung 990 Pro NVMe PCIe Gen4 SSD and it lost up to 46% performance with Windows" software BitLocker solution compared to no encryption.
The default software-based BitLocker encryption uses XTS-AES 128, where XTX stands for XEX Tweakable Block Cipher with Ciphertext Stealing and AES is Advanced Encryption Standard, and it is enabled by default on Windows notebooks and laptops, and other pre-built Windows PCs.
Although the impact on mechanical spinning hard disks was not tested, it is probably not too wrong to assume that HDDs would not have had it much better either. You can find the full details of the performance impact in the dedicated coverage we did.
Over on the other side, the Linux kernel version 6.10 is getting ready and it is receiving a lot of love in terms of AES-XTX disk encryption performance, particularly from Google.
Eric Biggers from Google has been working on various AES-XTS implementations for modern AMD and Intel processors. This includes additions related to AES-NI (New Instructions), VAES (Vectorized AES), and AVX (Advanced Vector Extensions) -256 and -512. Intel"s relatively new AVX10 is also included.
In terms of how much of an improvement this could bring, early measurements are showing very promising results with a performance bump of up to 155% in the case of AMD.
The tests were conducted on AMD Zen 4 and Intel Sapphire Rapids, though the particular CPU model used was not mentioned.
As you can see in the images below, in terms of throughput data in MB/s, both AMD and Intel did the best in XTS-AES VAES AVX10-512 when benchmarking with 4096-byte messages. While the Zen 4 chip managed to do 10,868 MB/s Intel Sapphire Rapids found itself capable of outputting 12,176 MB/s.
Meanwhile, when expressed in percentages, there is a massive 155% improvement on Zen 4 followed by a close 138% on Zen 3, once again for 4096-byte. Intel too was no slouch here as Sapphire Rapids managed a 151% improvement.
These are certainly some massive gains for both AMD and Intel. Unfortunately, we currently have no idea how this improvement for Linux 6.10 will fare against Windows. The latter has not had the cleanest track record though as CPUs with VAES from both AMD and Intel were found susceptible to potential data damage.