Using TrueCrypt (software encryption) with an SSD
I use full drive encryption (FDE) w/ TrueCrypt on my laptop. I have a 2nd gen I7 with AES instruction support, so honestly I can't even notice a speed change on the system with it on.
My question, is for those who know about SSD's a lot. I previously (early 2011) read articles about how software encryption will negate the speed benefits that an SSD provides - because of the need for the SSD to send a delete command, then a write command, for every encrypted write - instead of just writing over data like a regular HDD would (or something like this...honestly I can't remember...ha!).
Anyway, any improvements in this field? Is it pointless for me to grab an SSD if I'm using FDE?
Thanks all.
There are three main issues here: performance, SSD wear, and level of security.
Performance and SSD Wear
SandForce-based SSDs compress all data on-the-fly, in hardware, leading to some impressive performance improvements, i.e., increased write speeds. This also reduces the write-amplification factor (sometimes to below 1.0) which reduces the wear (the number of program/erase cycles) on the flash memory. If encryption is first done by software, such as TrueCrypt, the resulting data will be much less-compressible. This will reduce performance and increase wear.
Encrypting a non-SandForce SSD (or any SSD that doesn't encrypt in hardware) using TrueCrypt certainly reduces performance, but it's arguable that the SSD is not the bottleneck - the compression will be CPU-bound.
Security
Using TrueCrypt to encrypt an SSD (or any drive that has wear-levelling) can lead to security problems, so it is not recommend (although I'd argue that the risk is small).
SandForce-based SSDs and some other SSDs actually already encrypt all data on-the-fly. For the Intel 320, this can be used for full disk encryption, but it's not possible at the moment for SandForce drives:
SandForce drives, such as the Vertex 2, do encrypt the full drive contents, but do not provide [full disk encryption]. At the moment, the encryption feature is only useful for a quick secure erase of the drive.
TrueCrypt performs encryption/decryption in RAM, so there should be no speed penalty. See TrueCrypt - Documentation:
Files are automatically being decrypted on the fly (in memory/RAM) while they are being read or copied from an encrypted TrueCrypt volume. Similarly, files that are being written or copied to the TrueCrypt volume are automatically being encrypted on the fly (right before they are written to the disk) in RAM.
Edit: I think I misunderstood your question initially. There appears to be some issues with TrueCrypt and wear-leveling: http://www.truecrypt.org/docs/?s=wear-leveling