When I do a benchmark test
modprobe tcrypt sec=2 mode=200
I see that different encryption block sizes are used
test 0 (128 bit key, 16 byte blocks): 4460604 operations in 2 seconds (71369664 bytes)
test 1 (128 bit key, 64 byte blocks): 1747179 operations in 2 seconds (111819456 bytes)
test 2 (128 bit key, 256 byte blocks): 517747 operations in 2 seconds (132543232 bytes)
test 3 (128 bit key, 1024 byte blocks): 135801 operations in 2 seconds (139060224 bytes)
test 4 (128 bit key, 8192 byte blocks): 17161 operations in 2 seconds (140582912 bytes)
Question
I use 4k block size on my harddisk.
When creating a LUKS partition, is it then possible to set the encryption block size?
If not, which encryption block size is then used?
Best Answer
The encryption block size depends on the cipher you are using. Many common ciphers have a fixed block size.
For example - AES has a block size of 128 bits (16 bytes), but it permits key sizes of 128, 192, and 256 bits. - Blowfish, has a 64 bit block size (8 bytes) and a variable key size from 32 to 448 bits. - DES/DES3, has a 64 bit block size (8 bytes). 3DES, supports key sizes of 168, 112, and 56 bits.
As far as I know, every common cipher in uses has a relatively very small block size, when compared against the sector sizes of drives (512/4096 bytes) of a drive.
In any case, I suspect the confusion is in what the tcrypt module is reporting to you. The block size mentioned is telling you the size of the chunk of data that is pased to the encryption function. It isn't referring to the encryption block size used by the cipher.