AES-XTS is a widely used encryption mode for securing disk and file data. On modern x86_64 CPUs, including recent Intel and AMD processors, AES-XTS operations can be significantly accelerated by leveraging specialized CPU instructions and optimized kernel implementations. Activating AES-XTS acceleration in Linux can speed up encryption and decryption tasks, reducing system load and improving data throughput for encrypted storage.
Understanding AES-XTS Acceleration on Modern CPUs
Modern processors support advanced instruction sets such as AES-NI (Advanced Encryption Standard New Instructions), VAES (Vector AES), and AVX (Advanced Vector Extensions) which enable faster cryptographic operations. Linux kernels from version 6.10 onwards incorporate new AES-XTS implementations that utilize these instructions to speed up encryption and decryption.
CPUs with VAES support, such as Intel Ice Lake and later models, as well as AMD Zen 3 and newer, benefit the most from these optimizations. These changes can increase AES-XTS throughput by over 100% on some CPUs, notably AMD Zen 4, which can see up to a 155% speed increase for 4096-byte message encryption and decryption.
Enabling AES-XTS Acceleration in Linux
Step 1: Verify your CPU supports AES-NI and VAES instructions. You can check your CPU flags by running:
grep -m1 -o aes /proc/cpuinfo
grep -m1 -o avx /proc/cpuinfo
grep -m1 -o vaes /proc/cpuinfoIf the output includes aes and avx, your CPU supports AES-NI and AVX instructions. VAES support may require checking specific CPU documentation or using tools like lscpu or cpuid.
Step 2: Ensure your Linux kernel version is 6.10 or newer to benefit from the latest AES-XTS implementations. You can check your kernel version with:
uname -rIf your kernel is older, consider upgrading to a newer version that includes the optimized AES-XTS code.
Step 3: Confirm that the AES-NI kernel module is loaded. This module provides hardware acceleration for AES operations. Check loaded modules with:
lsmod | grep aesni_intelIf the module is not loaded, load it manually:
sudo modprobe aesni_intelStep 4: Verify the crypto subsystem is using the accelerated AES-XTS implementation. You can inspect available crypto algorithms and their priorities using:
cat /proc/crypto | grep -A10 aes-xtsThe accelerated AES-XTS implementations are integrated into the existing CONFIG_CRYPTO_AES_NI_INTEL kernel configuration option and are automatically selected based on your CPU model.
Testing AES-XTS Performance
To measure the performance of AES-XTS encryption and confirm acceleration is active, use cryptsetup benchmark:
sudo cryptsetup benchmarkLook for the AES-XTS results. Modern CPUs with acceleration enabled should report throughput in the hundreds or thousands of MiB/s, significantly higher than without acceleration.
Alternatively, you can test with openssl speed tests, for example:
openssl speed -evp aes-256-xtsAdditional Tips and Considerations
- Some Intel CPUs may reduce CPU frequency when using AVX-512 instructions, which can affect performance. The Linux kernel avoids using the highest AVX registers (ZMM) on certain models like Ice Lake to prevent downclocking.
- Performance gains vary by CPU generation and workload size; larger data blocks typically see more significant speedups.
- Ensure your BIOS or firmware does not disable AES hardware acceleration features.
- Keep your system updated to benefit from ongoing kernel improvements in cryptographic performance.
Summary
Activating AES-XTS acceleration on modern Linux systems involves verifying CPU support, running a recent Linux kernel with AES-NI and VAES-enabled crypto modules, and ensuring the appropriate kernel modules are loaded. These steps unlock substantial speed increases for disk and file encryption tasks, improving overall system efficiency and responsiveness when using encrypted storage.
With these configurations, your Linux system will utilize the full capabilities of modern CPUs to speed up AES-XTS encryption, making encrypted storage faster and more efficient without additional hardware changes.
Member discussion