Slower streaming with harder encryption?


#1

I’ve tried finding this answer, but couldn’t. When using gdrive + rclone, does the chosen encryption type (128 vs 256 bit for example) make a difference in how quickly media is being streamed?

Most guides use the 128 bit encryption without salt, so that might indicate there is a difference. But I’m thinking, as long as the CPU can handle the decryption it shouldn’t slow down transfers and streaming.

Anyone has an definite answer since I’m currently doubting of re-uploading my files with 128 bit (currently 256 bit)?


#2

I agree with your statement as you’d take some CPU hits to decrypt but in the end, it’s the same data being transferred down.

It depends on what problem you are trying to solve. I just want some protection for my data on my GD so 128 is fine for me.


#3

I think we shouldn’t be too worried about data safety since it’s just media files and some obfuscation is the biggest goal. For more personal data I think 128 bit is not enough anymore. Duplicati for example also encrypts at 256 bit.

The problem I now have is that I’m doubting my slow transfers are caused by the encryption strength. Re-uploading my library is bothersome and might not solve anything. Problem solving is also frustrating since Emby performs a lot better than Plex on the same config. So I was just wondering if the encryption could be a reason for the poor performance.

I’ll just keep toying with the mount settings more, since you confirmed my thought.


#4

Yes, for my sensitive data, I do encrypt much higher. For media though, I don’t care and just want some encryption.

I run Plex and Emby side by side and notice no real difference in how they perform but everyone’s setup is a little different.


#5

Good to know that Emby and Plex work the same for you, that’s a good benchmark for me. Should be my mount settings that are not optimal. I’ll be testing around with your settings from the VFS sweetspot topic.

If that doesn’t improve anything I’ll lower the encryption and test with that. Hopefully it’s not necessary.


#6

Is there a way to check how hard the encryption is set up? Tbh I do not know anymore what I have chosen and would like to check it but don’t know how.


#7

You should be able to go to your rclone config through a terminal. If you then click “edit remote” you can see the settings you chose AFAIK.


#8

Sorry as I misspoke.

You can’t change the encryption that rclone uses.

You can change the strength of the password bits if you use the generated password.

Password strength in bits.
64 is just about memorable
128 is secure
1024 is the maximum

If you use your own password, it’s only as long as you type.

From -> https://rclone.org/crypt/

The bottom part of the page explains the encryption that rclone uses. You can change the


#9

I don’t know where you misspoke? If anything, I misspoke. Just checked in Rclone config > edit remote and I can see a salted password, but not the actual password or the used strength.

So @neik, I don’t think there is a way to see.

I’m able to change my used password though for the remote. I wonder what then happens to the files already on the remote. I think they can’t be read anymore.


#10

I don’t use the generated passwords as I use my own and generate them and store them elsewhere.

If you change the password, it won’t be able to read anything already uploaded.


#11

Do you have an idea of the bit strength of your chosen password? Could be that your password is actually >128 bit?


#12

Are you talking about the length of the key?

The actual encryption does not vary whatever length of key you use so it should make no difference I think.


#13

I’m not sure if 128 bit vs 256 bit (generated by rclone) is a difference of length? My knowledge is not sufficient for that.

So what exactly do you mean with a difference of length does not make a difference. If I choose 128 bit or maybe even 1096 bit while setting up Crypt, on what does that setting actually have impact? There should be a performance drop somewhere right?


#14

That is just the length of the generated key.

The actual keys used for the encryption are generated from that key. The encryption itself always uses a 256 bit key.


#15

But the chosen password can very in length and thus making the encryption/decryption harder/slower right? Decrypting a 64 bit password vs a 256 bit password even though it’s encrypted by 256 bit should make a difference?

If it wouldn’t make any difference I don’t understand why Rclone would specify 64 bit is memorable and 128 bit is secure.


#16

Not really.

The password is used to create the encryption key which is always the same length. So even if the password is very long the encryption key is the same size. This only needs to be done once so, yes rclone may take a few more microseconds at the start if you use a longer password, but it won’t make any difference to transfer speeds.

64 bit passwords are just about the limit of what the average human can actually remember.

128 bit passwords have enough possibilities that there isn’t enough time or matter in the universe to try them all. There are 340282366920938463463374607431768211456 possible 128 bit passwords. Take a look on stack overflow for more explanations.


#17

Thanks, that explains it well for me. I don’t need to worry about reüploading then or slow transfer times!