Presentation: Authenticated disk encryption and protection from bit rot in Linux using dm-integrity
- Date: Thursday, 23st of May
- Time: From 19:30 until about 20:30
- Location: At our hackerspace (Kyburgstrasse 13 in 3013 Bern)
dm-integrity is a relatively young component in the Linux storage stack. This device mapper target adds two important abilities that have been lacking in Linux before.
One of those is protection from bit rot, that is to say the gradual degradation of the storage medium and the resulting loss of data. This process is inherent to all types of storage media, if not to the same degree. dm-integrity adds the ability to detect bit rot which then empowers us to combat it.
The second new ability is authenticated encryption. LUKS / dm-crypt has long been providing good full disk encryption on Linux systems. A tight integration with dm-integrity now brings protection from additional, if admittedly exotic, attack vectors.
I will describe both use cases in more detail in my presentation. It will also feature some advantages and disadvantages and explain how to integrate dm-integrity with some typical storage stack set-ups.
Collection
Free access to knowledge is one of our core values. As such and as always, entry to the presentation will be free to all. However, with the pending relocation of our hackerspace we will be taking a collection. Anyone who can afford it is kindly asked to contribute some money to our moving funds.