I use dm-crypt to encrypt partitions. I am building a small office server from consumer (or pro-sumer) category hardware. It made me wonder: hardware-assisted encryption has been a notion in the air for years; is it reality yet?
The two critical points of my question are:
- Do the mainstream manufacturers (Asus, Gigabyte etc.) ship products with these (cheap) chips?
- Does the Linux kernel have a (reasonably old) implementation for the hardware and integration with dm-crypt?
Bonus: The same two questions with TPM chips. Do manufacturers integrate them into their hardware already? Are they supported by Linux? Do they speed anything up? Do they have any performance advantage?
The Via C3 series of CPUs integrated a technology called "Via Padlock". This was hardware-accelerated crypto in the CPU. The Linux kernel gained support for this fairly rapidly. Likewise, many modern CPUs (Intel Sandy Bridge, for example) incorporate support for the AES-NI (AES Native Instruction) instruction set. These are instructions that implement portions of AES natively in hardware, significantly increasing the speed of encryption. These instructions are also supported by the Linux kernel.
I'm not sure which "cheap" chips you're referring to. While there are hardware crypto accelerators, these are FAR from cheap. The last time I looked at them, they were thousands of dollars each. They are intended (typically) either for VPN concentrators or webservers that do a lot of HTTPS traffic. (In other words, systems where almost all the connections are encrypted.) Several of these devices are supported by the Linux kernel.
As for TPM chips: TPM chips are capable of storing encryption keys, and I believe the Linux kernel supports them. TPM chips do not perform cryptographic operations (well, technically they do, but not for things like disk encryption) and so offer no benefit for dm-crypt.
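As an added example (not part of the original answer, and not kernel or cryptsetup code): a shell check that reads `/proc/crypto` and reports which registered implementation of `xts(aes)` has the highest priority, which is the one the kernel crypto API selects for a dm-crypt mapping using that cipher. The choice of `xts(aes)`, the sample stanzas, and the driver-name substrings used to label an entry as hardware are assumptions.

```shell
# best_driver ALG [FILE]: print "driver module priority" of the highest-priority
# implementation of ALG in /proc/crypto layout; fail if ALG is not listed.
best_driver() {
    awk -v alg="$1" -F'[ \t]*:[ \t]*' '
        function stanza_end() {
            if (name == alg && prio + 0 > top) { top = prio + 0; best = drv " " mod " " prio }
            name = drv = mod = prio = ""
        }
        BEGIN { top = -1 }
        $1 == "name"     { name = $2 }
        $1 == "driver"   { drv = $2 }
        $1 == "module"   { mod = $2 }
        $1 == "priority" { prio = $2 }
        NF == 0          { stanza_end() }
        END { stanza_end(); if (best == "") exit 1; print best }' "${2:-/proc/crypto}"
}

# classify DRIVER: assumption - AES-NI and PadLock driver names carry these substrings.
classify() {
    case "$1" in *aesni*|*padlock*) echo hardware ;; *) echo software ;; esac
}

# Constructed sample in /proc/crypto layout (not captured from a real machine).
sample_crypto() { cat <<'EOF'
name         : xts(aes)
driver       : xts-aes-aesni
module       : aesni_intel
priority     : 401

name         : xts(aes)
driver       : xts(ecb(aes-generic))
module       : kernel
priority     : 100
EOF
}

# report ALG [FILE]: one-line summary of the implementation that wins for ALG.
report() {
    if info=$(best_driver "$@"); then
        set -- "$1" $info   # $2=driver $3=module $4=priority
        echo "$1: driver=$2 module=$3 priority=$4 ($(classify "$2"))"
    else
        echo "$1: not registered in this listing"
    fi
}

sample_crypto | report "xts(aes)" -                  # constructed sample via stdin
if [ -r /proc/crypto ]; then report "xts(aes)"; fi   # live system, if available
```

A "software" result on a CPU that advertises the `aes` flag in `/proc/cpuinfo` usually means the accelerated module is not loaded.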