[dm-crypt] The future of disk encryption with LUKS2

Sven Eschenberg sven at whgl.uni-frankfurt.de
Mon Feb 8 23:36:57 CET 2016


Hi Milan,

Are you serious about using JSON on disk level?

Regards,

-Sven

Am 08.02.2016 um 22:51 schrieb Milan Broz:
> On 02/03/2016 03:17 PM, Milan Broz wrote:
>
>>> Will any of the materials used in the presented posted online
>>> somewhere for the rest of us to see?
>
> Slides are here, but it is really just overview talk
> https://mbroz.fedorapeople.org/talks/DevConf2016/devconf2016-luks2.pdf
> (The talk name was a kind of joke because conference hashtag is #definefuture:)
>
> TL;DR; we have to provide extensible interface for different keyslot types.
>
> [Just note to already crazy discussion here - there will be NO LUKS header
> at the end of device. Been there with another storage project and
> just no - it is not worth problems it causes.]
>
> [And second note - wiping of encrypted keyslot data is with current
> storage devices impossible to do reliably.]
>
> Anyway, the first goal here is to just redefine current on-disk format
> to allow keyslot extensions. All possible changes in algorithms can
> follow because it becomes "easily" configurable.
>
> Milan
> p.s.
> There are also live stream recordings on youtube.
>
> But better than watching our LUKS2 overview talk see follow-up talk
>    "New Cryptography for Binding Data to Third Parties"
> https://www.youtube.com/watch?v=Ixo8iOpQsNQ
> (Note you need to switch camera in stream, there is no official recording
> videos yet, this is recording of a live stream from multiple rooms.)
>
> My intention with LUKS2 is to provide interface for this but
> keep responsibility for these protocols in separate projects.
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>


More information about the dm-crypt mailing list