Bitcoin Forum

If you encrypt your whole disk with dm-crypt, LUKS, Veracrypt... and so on, will it make trying to sync the blockchain much slower? Veracrypt got some cool cascaded algorithm features, so let's say you use AES(Twofish(Serpent)) cascaded combo with SHA-512.. will it make things much slower?

I did some testing on some old harddrives. The boot time was a bit slow since it had to decrypt stuff, but once in the OS it seemed like normal performance, but I had no bitcoins on there and didn't try trying to sync the blockchain. In fact I have lost the password to these disks and now they are as useful as a footdoor.

Has anyone tried full disk encryption while running a node?

Chuck in a little file compression and you can soon get back to the same performance at the cost of
a bit of CPU-Power and memory.

Disk-Drives are as slow as snails and are hardly any faster today then they were ten years ago but today
Microsoft tries to lock everyone else out from writing that kind of software and we are now at the stage
where anything they can steel, encrypt and upload they are doing.

My skills today are so good that I cannot delete index.dat files (these get hidden) on a windows 10 machine
because its no longer an OS but has become a remote terminal for Microsoft and the NSA

I did, never get any issue with that, about performance on my highend stuff is barery feelable, or there is no difference at all.

I once got well paid for sorting out a 2GB MS-Access database with about seventy user and put it on RAM-Disk and this
thing flew after that so maybe if your running a cluster of rigs then this might become an option and I am not talking about
sold state disks here but full on DDR3/5

Why would you want to encrypt the blockchain?

In general, you will be limited by the weakest link. In most cases, it's going to be the write/read speed of your disk. However, if you use AES(Twofish(Serpent)), then it's possible on lower-end machines that the CPU won't be able to encrypt/decrypt the data as fast as the hard drive can read it, in which case yes, it will slow you down.

Also you should keep in mind that tasks that were disk heavy before are now disk/cpu heavy. So syncing the blockchain would probably be slower, because a lot of the time spent syncing the blockchain is your CPU verifying the transactions. If your CPU is being torn between verifying transactions and handling disk encryption for the transactions being written to disk at the same time, I would expect a slowdown.

No, the idea is to encrypt the entire thing. Why would you not to? By the entire thing i mean the entire OS. Why would you leave open the OS that you use for anything crypto?

Again, I think it's ideal to put a wall to the entire thing and not only your wallet.dat file. But if you do it, be sure to remember the password... like I said, on my tests, I have somehow fucked up two times in two different hard drives, the password doesn't match and Veracrypt doesn't let me in.

Anyway, I think FDE is a must to keep things away from thieves and anyone else that manages to get your hard drives physically.

Given that wallet file location is somewhat configurable as of v0.16.0 (https://bitcoincore.org/en/2018/02/26/release-0.16.0/#wallets-directory-configuration), why not leave the blocks folder on an unencrypted disk? It's not exactly sensitive information :P

Keep your wallets on an encrypted disk (or in an encrypted container)... and block data elsewhere... that way your wallet files should be safe if the computer is physically compromised, but the encryption should not negatively effect performance when reading/writing to blockchain data.

I'm sure there will then be other gotcha's... like the ominous warning:

But as long as the FDE doesn't kick in during wallet operation... that shouldn't be an issue.

Because you are supposed to hide the fact that you own any bitcoins at all, and if the thieves see that you have the bitcoin blockchain, they will assume that you have bitcoins, even if you don't, which is possible that for some reason you have the blockchain but no bitcoins, but these goons will not care and will torture your ass until you give them your coins, and if you don't have any coins, you are fucked as well with no escape.

But I will not encrypt it, because I did some tests and it's way slower than normal, at least with my HDD and older computer, I guess it would be ok with modern computers, but I cant do it.

Now I just need to wipe the disks that I encrypted with Veracrypt and lost the passwords, but I dont really need them so I will leave them like that for now, there's nothing of value inside anyway.