Solved

Hard Disk encryption = shorter disk life?

Posted on 2011-03-21
15
620 Views
Last Modified: 2012-05-11
Can anyone direct me to white papers or evidence pertaining to life expectancy of a Disk being shortened by encryption?
Or evidence to the contrary showing no affect on life expectancy?
0
Comment
Question by:sullend
  • 4
  • 4
  • 2
  • +3
15 Comments
 
LVL 4

Expert Comment

by:booster49
ID: 35181164
The real question is: "do hard drives have to work harder(i.e read/write more) if they are encrypted?"

Which is probably a yes as they are first stored unencrypted and then encrypted where-after the unencrypted files get deleted.

after rephrasing I still couldn't find any conclusive papers on this trough.
0
 
LVL 12

Expert Comment

by:Amick
ID: 35181465
Actually, I believe you'll find that the files are encrypted  before they're written to the disk, otherwise there is an unacceptable security risk of plaintext data being recovered.  If the encryption process makes the resulting data larger, then there may be a  penalty, but If  the data is compressed there is a likelihood that disks will have longer lives as less surface will be written and heads will have to move less.



0
 
LVL 23

Expert Comment

by:Danny Child
ID: 35181469
Beg to differ, there wouldn't be much point using disk encryption if it first wrote an unencrypted version to disk....!

Factors for disk life would normally be - environmental temperature, vibration levels, power supply stability, and so on.  And then you have to factor in the random nature of manufacturing defects in the drive itself.  MTBF - Mean Time Before Failure is the average expected lifespan of a disk, and can be a partial guide to lifespan.  There are some caveats though...
http://www.pcmag.com/article2/0,2817,2105611,00.asp

Also, in general, it's only a small area of a disk that is encrypted, as encrypting the OS leads to many difficulties.  So, most of the disk read/writes are normal.  

Additionally, depending on the encryption used, the actual volume of the data written or read may not have much of an overhead.  The disk doesn't know or care whether the data written was plain text or uberhashed beyond all reason...
0
 
LVL 2

Expert Comment

by:ghemstrom
ID: 35181595
If you need the security of encryption, the extra hardware cost would not be an issue.

The real issue is whether you could recover encrypted data from a disk with readability problems: You should be particularly cautious about backup procedures and storing of backup media if you have unique data on encrypted harddisks.An encrypted harddisk is only protecting data that you lose when you lose the computer physically and have a sophisticated enough password protection.
0
 
LVL 23

Expert Comment

by:Danny Child
ID: 35181603
so, in summary, I would not expect any significant difference between lifespan of encrypted vs unencrypted data.  However, I would take MORE care with my backups of encrypted data, as any problem would be harder to recover from.  
0
 
LVL 4

Expert Comment

by:booster49
ID: 35181613
@DanCh99
Lets say you use the truecrypt bootloader to encrypt an entire OS, and then while in that os you download a 5gb .rar file from somewhere. Would the harddrive then encrypt this while its downloading?
And will it automatically slow down the download if you download it faster then you can encrypt it?

Seems like a solution prone to many errors.
0
 

Author Comment

by:sullend
ID: 35181616
Ok so other than the "intitial process of encrypting the data" once encryption occurs there is really no change in disk life expectancy?  Correct?  This seems to make sense to me...
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 4

Expert Comment

by:booster49
ID: 35181730
@sullend
Like @DanCh99 said:
The disk doesn't know or care whether the data written was plain text or uberhashed beyond all reason...

So no it doesn't matter.
0
 
LVL 70

Accepted Solution

by:
garycase earned 500 total points
ID: 35181749
There is ZERO difference in life expectancy.    From the disk's perspective, you're simply writing/reading data ... whether that data is encrypted or not is completely irrelevant.

On a side note r.e. the discussion of whether or not data is first written in unencrypted form:  it is NOT.    If you are using encryption, the data is NEVER written to the disk unencrypted.    The computational overhead to encrypt the data is still faster than disk write speeds, so there is no penalty in disk write speeds.    r.e. booster49's question r.e. downloading a 5gb .RAR file ==> wouldn't matter if it was 50GB ... Yes, it would be encrypted "on the fly" as it was written to the disk.    That would not "slow down the download", as the encryption process is still much faster than you can download it.
0
 
LVL 23

Expert Comment

by:Danny Child
ID: 35181768
I'm just posting too slowly today!  beaten every time.....
0
 
LVL 12

Expert Comment

by:Amick
ID: 35181859
0
 
LVL 4

Expert Comment

by:booster49
ID: 35181931
@Danch99

thx always nice to learn something new:)
0
 
LVL 70

Expert Comment

by:garycase
ID: 35181943
With older CPUs there is some performance hit (but not much);   with newer CPUs there's almost no impact on writes, as the computations can be done faster than the disk accepts data.    There IS some impact on read speeds, as the data has to first be read, then decrypted.

Note that with SSDs the overhead is more significant, since the SSDs are so much faster than rotating platter drives -- but it's still not enough to be noticeable.
0
 
LVL 2

Expert Comment

by:ghemstrom
ID: 35184501
But with SSDs the life of the disk will be limited by the number of successive writes in the same sector, which might be a nuisance if you want high disk life expectancy.
0
 
LVL 23

Expert Comment

by:Danny Child
ID: 35188074
So, I was slow in posting, but then the Accepted Answer from Gary confirms my comments.  He always was more awesome than me!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The Rasberry PI is a low cost piece of hardware that you can have a lot of fun with through experimenting and building/working on projects like media players, running a low cost computer, build data loggers etc. - see: https://www.raspberrypi.org
This is about my first experience with programming Arduino.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now